Vulnerabilities > CVE-2022-43901 - Exposure of Resource to Wrong Sphere vulnerability in IBM Websphere Automation for IBM Cloud PAK for Watson Aiops 1.4.2

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

ibm

CWE-668

NVD

Published: 2022-12-01

Updated: 2023-11-07

Summary

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Websphere Automation FOR IBM Cloud PAK FOR Watson Aiops 1.4.2	1

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.ibm.com/support/pages/node/6842605
https://exchange.xforce.ibmcloud.com/vulnerabilities/240829