CVE-2022-22356
CVE-2022-22356
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Apr 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. IBM X-Force ID: 220487.
CVSS:3.0/C:H/PR:L/S:U/I:N/UI:N/A:N/AV:N/AC:H/E:U/RC:C/RL:O
Affected products
IBM · MQ Appliance