CVE-2022-35286: CSRF
First published: Tue Jul 12 2022(Updated: )
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Verify Information Queue | =10.0.2 | |
| Linux Linux kernel | ||
| <=10.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for IBM Security Verify Information Queue?
The vulnerability ID for IBM Security Verify Information Queue is CVE-2022-35286.
What is the severity of CVE-2022-35286?
The severity of CVE-2022-35286 is high with a severity value of 8.8.
What can an attacker do with CVE-2022-35286?
An attacker can execute malicious and unauthorized actions transmitted from a trusted user.
Is IBM Security Verify Information Queue 10.0.2 affected by CVE-2022-35286?
Yes, IBM Security Verify Information Queue 10.0.2 is affected by CVE-2022-35286.
How can I fix CVE-2022-35286?
To fix CVE-2022-35286, apply the necessary security patches or updates provided by IBM.
- collector/nvd-index
- agent/references
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/description
- agent/softwarecombine
- agent/event
- agent/tags
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm security verify information queue
- version/ibm security verify information queue/10.0.2
- vendor/linux
- canonical/linux linux kernel