IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/238805 | VDB Entry Vendor Advisory |
| https://www.ibm.com/support/pages/node/6844453 | Patch Vendor Advisory |
Configurations
History
07 Nov 2023, 03:53
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805. |
27 Jun 2023, 13:23
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-862 |
10 Dec 2022, 03:07
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.ibm.com/support/pages/node/6844453 - Patch, Vendor Advisory | |
| References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/238805 - VDB Entry, Vendor Advisory | |
| CPE | cpe:2.3:a:ibm:content_navigator:*:*:*:*:*:*:*:* | |
| CWE | CWE-119 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| First Time |
Ibm
Ibm content Navigator |
07 Dec 2022, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-12-07 18:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-43581
Mitre link : CVE-2022-43581
CVE.ORG link : CVE-2022-43581
JSON object : View
Products Affected
ibm
- content_navigator