IBM Security Directory Suite VA command execution
CVE-2022-32752

7.2HIGH

Key Information:

Vendor: IBM
Status: Security Directory Suite Va
Vendor: CVE Published:; 15 June 2023

Summary

IBM Security Directory Suite versions 8.0.1 through 8.0.1.19 are susceptible to a vulnerability that allows a remote authenticated attacker to execute arbitrary commands on the system. This vulnerability arises from the handling of specially crafted requests that can exploit the system's command execution capabilities. It is crucial for users of these versions to apply the recommended security updates to mitigate potential risks associated with unauthorized command execution.

Affected Version(s)

Security Directory Suite VA 8.0.1 <= 8.0.1.19

References

https://www.ibm.com/support/pages/node/7001693

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/228439

vdb-entry

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2023
Vulnerability Reserved
Jun 9, 2022