CVE-2022-22360
First published: Mon Jul 04 2022(Updated: )
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 220782.
Credit: psirt@us.ibm.com psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Partner Engagement Manager | >=6.1.2<6.1.2.5 | |
| IBM Partner Engagement Manager | >=6.1.2<6.1.2.5 | |
| IBM Partner Engagement Manager | >=6.2.0<6.2.0.3 | |
| IBM Partner Engagement Manager | >=6.2.0<6.2.0.3 | |
| Ibm Partner Engagement Manager On Cloud\/saas | =22.2 | |
| <=6.1.2 | ||
| <=6.1.2 | ||
| <=6.2 | ||
| <=6.2 | ||
| <=22.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this IBM Sterling Partner Engagement Manager vulnerability?
The vulnerability ID for this IBM Sterling Partner Engagement Manager vulnerability is CVE-2022-22360.
What is the severity level of CVE-2022-22360 vulnerability?
The severity level of CVE-2022-22360 vulnerability is high with a severity value of 8.8.
How can an attacker exploit CVE-2022-22360 vulnerability?
An attacker can exploit CVE-2022-22360 vulnerability by conducting an LDAP injection using a specially crafted request.
Which versions of IBM Sterling Partner Engagement Manager are affected by CVE-2022-22360?
Versions 6.1.2, 6.2, and Cloud/SasS 22.2 of IBM Sterling Partner Engagement Manager are affected by CVE-2022-22360.
How can I fix CVE-2022-22360 vulnerability?
You can fix CVE-2022-22360 vulnerability by applying the relevant patches provided by IBM.
- collector/nvd-index
- collector/nvd-api
- agent/author
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/event
- agent/description
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm partner engagement manager
- version/ibm partner engagement manager/6.1.2
- version/ibm partner engagement manager/6.2.0
- canonical/ibm partner engagement manager on cloud\/saas
- version/ibm partner engagement manager on cloud\/saas/22.2
- canonical/ibm sterling partner engagement manager essentials edition
- version/ibm sterling partner engagement manager essentials edition/6.1.2
- canonical/ibm sterling partner engagement manager standard edition
- version/ibm sterling partner engagement manager standard edition/6.1.2
- version/ibm sterling partner engagement manager essentials edition/6.2
- version/ibm sterling partner engagement manager standard edition/6.2
- canonical/ibm sterling partner engagement manager on cloud / saas
- version/ibm sterling partner engagement manager on cloud / saas/22.2