CVE-2022-22484
CVE-2022-22484
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.1EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
17 May 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.
CVSS:3.0/AC:H/A:N/AV:L/PR:N/S:U/C:H/I:N/UI:N/E:U/RL:O/RC:C
Affected products
IBM · Spectrum Protect Operations Center