Vulnerability Details : CVE-2022-22423
IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2022-22423
- IBM » Common Cryptographic Architecture » Mtm For 4769 EditionVersions from including (>=) 7.0.0 and before (<) 7.3.44cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4769:*:*:*
- IBM » Common Cryptographic Architecture » Mtm For 4767 EditionVersions from including (>=) 5.0.0 and before (<) 5.7.12cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4767:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-22423
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-22423
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
2.0
|
4.0
|
IBM Corporation | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2022-22423
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-22423
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/223596
IBM Common Cryptographic Architecture denial of service CVE-2022-22423 Vulnerability ReportVDB Entry;Vendor Advisory
-
https://www.ibm.com/support/pages/node/6695893
Security Bulletin: IBM Common Cryptographic Architecture (CCA) is vulnerable to denial of service (CVE-2022-22423)Patch;Vendor Advisory
Jump to