CVE-2022-22310
First published: Tue Jan 18 2022(Updated: )
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
Credit: psirt@us.ibm.com psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere Application Server Liberty | <=21.0.0.10 - 21.0.0.12 | |
| Ibm Websphere Application Server | >=21.0.0.10<=21.0.0.12 | |
| Apple macOS | ||
| HP HP-UX | ||
| IBM AIX | ||
| IBM i | ||
| Ibm Z\/os | ||
| Linux Linux kernel | ||
| Microsoft Windows | ||
| Oracle Solaris |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22310?
CVE-2022-22310 is a vulnerability in IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 that could provide weaker than expected security, allowing a remote attacker to obtain sensitive information and gain unauthorized access to JAX-WS applications.
What is the severity of CVE-2022-22310?
The severity of CVE-2022-22310 is medium with a severity value of 6.5.
How does CVE-2022-22310 affect IBM WebSphere Application Server Liberty?
CVE-2022-22310 affects IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 by providing weaker than expected security, which can lead to unauthorized access and the exposure of sensitive information in JAX-WS applications.
How can a remote attacker exploit CVE-2022-22310?
A remote attacker can exploit CVE-2022-22310 by taking advantage of the weaker than expected security in IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12, allowing them to obtain sensitive information and gain unauthorized access to JAX-WS applications.
Is there any additional information available about CVE-2022-22310?
Yes, you can find more information about CVE-2022-22310 at the following references: [IBM X-Force ID: 217224](https://exchange.xforce.ibmcloud.com/vulnerabilities/217224) and [IBM support page](https://www.ibm.com/support/pages/node/6541530).
- collector/ibm-support
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/references
- agent/event
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm websphere application server liberty
- version/ibm websphere application server liberty/21.0.0.10 - 21.0.0.12
- canonical/ibm websphere application server
- version/ibm websphere application server/21.0.0.10
- version/ibm websphere application server/21.0.0.12
- vendor/apple
- canonical/apple macos
- vendor/hp
- canonical/hp hp-ux
- canonical/ibm aix
- canonical/ibm i
- canonical/ibm z\/os
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows
- vendor/oracle
- canonical/oracle solaris