CVE-2022-22476
published 2022-07-08CVE-2022-22476: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | open_liberty | >= 17.0.0.3 < 22.0.0.8 | 22.0.0.8 |
| ibm | websphere_application_server | >= 17.0.0.3 < 22.0.0.8 | 22.0.0.8 |
| ibm | websphere_application_server_liberty | — | — |
| ibm | websphere_application_server_liberty | — | — |