CVE-2022-22349
published 2022-02-24CVE-2022-22349: IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | sterling_external_authentication_server | — | — |
| ibm | sterling_external_authentication_server | — | — |
| ibm | sterling_external_authentication_server | — | — |