In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/226325 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6595655 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2022-06-17 09:15
Updated : 2022-06-28 06:54
NVD link : CVE-2022-22485
Mitre link : CVE-2022-22485
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
ibm
- spectrum_protect_operations_center
- aix
microsoft
- windows
linux
- linux_kernel