Identity Spoofing Vulnerability in IBM WebSphere Application Server Liberty
CVE-2022-22476

5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
8 July 2022

Summary

The IBM WebSphere Application Server Liberty and Open Liberty versions are susceptible to identity spoofing. An authenticated attacker could exploit this vulnerability by sending specially crafted requests, potentially impersonating other users within the system. This raises serious security concerns, making it critical for users to apply necessary patches and updates to mitigate risks.

Affected Version(s)

WebSphere Application Server Liberty 17.0.0.3

WebSphere Application Server Liberty 22.0.0.7

References

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.