Vulnerability-Lookup

CVE-2022-32753 (GCVE-0-2022-32753)

Vulnerability from cvelistv5 – Published: 2024-03-22 15:26 – Updated: 2024-08-03 07:46

Title

IBM Security Verify Directory information disclosure

Summary

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444.

Severity

4.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-326 - Inadequate Encryption Strength

Assigner

ibm

References

2 references

URL	Tags
https://www.ibm.com/support/pages/node/7145001	vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entry

Impacted products

1 product

Vendor	Product	Version
IBM	Security Verify Directory	Affected: 10.0.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-32753",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T21:19:13.147757Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T21:19:22.364Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:46:44.926Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/7145001"
          },
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Security Verify Directory",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444."
            }
          ],
          "value": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326 Inadequate Encryption Strength",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-22T15:26:23.956Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.ibm.com/support/pages/node/7145001"
        },
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM Security Verify Directory information disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2022-32753",
    "datePublished": "2024-03-22T15:26:23.956Z",
    "dateReserved": "2022-06-09T15:49:18.231Z",
    "dateUpdated": "2024-08-03T07:46:44.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-32753",
      "date": "2026-05-31",
      "epss": "0.00014",
      "percentile": "0.02622"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"213D3285-0B6B-49AD-81C2-7265F3349B09\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.\"}, {\"lang\": \"es\", \"value\": \"IBM Security Verify Directory 10.0.0 utiliza algoritmos criptogr\\u00e1ficos m\\u00e1s d\\u00e9biles de lo esperado que podr\\u00edan permitir a un atacante descifrar informaci\\u00f3n altamente confidencial. ID de IBM X-Force: 228444.\"}]",
      "id": "CVE-2022-32753",
      "lastModified": "2024-11-21T07:06:53.723",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@us.ibm.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 4.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
      "published": "2024-03-22T16:15:07.977",
      "references": "[{\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"https://www.ibm.com/support/pages/node/7145001\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"https://www.ibm.com/support/pages/node/7145001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@us.ibm.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@us.ibm.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-326\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-32753\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2024-03-22T16:15:07.977\",\"lastModified\":\"2024-11-21T07:06:53.723\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.\"},{\"lang\":\"es\",\"value\":\"IBM Security Verify Directory 10.0.0 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial. ID de IBM X-Force: 228444.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-326\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"213D3285-0B6B-49AD-81C2-7265F3349B09\"}]}]}],\"references\":[{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/pages/node/7145001\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/pages/node/7145001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7145001\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\", \"tags\": [\"vdb-entry\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:46:44.926Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-32753\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-12T21:19:13.147757Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-12T21:19:19.953Z\"}}], \"cna\": {\"title\": \"IBM Security Verify Directory information disclosure\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"IBM\", \"product\": \"Security Verify Directory\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7145001\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/228444\", \"tags\": [\"vdb-entry\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-326\", \"description\": \"CWE-326 Inadequate Encryption Strength\"}]}], \"providerMetadata\": {\"orgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"shortName\": \"ibm\", \"dateUpdated\": \"2024-03-22T15:26:23.956Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-32753\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-03T07:46:44.926Z\", \"dateReserved\": \"2022-06-09T15:49:18.231Z\", \"assignerOrgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"datePublished\": \"2024-03-22T15:26:23.956Z\", \"assignerShortName\": \"ibm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CNVD-2024-15730

Vulnerability from cnvd - Published: 2024-04-02

Title

IBM Security Verify Directory加密问题漏洞

Description

IBM Security Verify Directory是美国国际商业机器（IBM）公司的一款身份验证和访问管理解决方案的一部分。 IBM Security Verify Directory 10.0.0版本存在加密问题漏洞，该漏洞源于使用弱的加密算法，攻击者可利用该漏洞解密高度敏感的信息。

Severity

中

Patch Name

IBM Security Verify Directory加密问题漏洞的补丁

Patch Description

IBM Security Verify Directory是美国国际商业机器（IBM）公司的一款身份验证和访问管理解决方案的一部分。 IBM Security Verify Directory 10.0.0版本存在加密问题漏洞，该漏洞源于使用弱的加密算法，攻击者可利用该漏洞解密高度敏感的信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.ibm.com/support/pages/node/7145001

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/228444

Impacted products

Name
IBM Security Verify Directory 10.0.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-32753"
    }
  },
  "description": "IBM Security Verify Directory\u662f\u7f8e\u56fd\u56fd\u9645\u5546\u4e1a\u673a\u5668\uff08IBM\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u8eab\u4efd\u9a8c\u8bc1\u548c\u8bbf\u95ee\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u7684\u4e00\u90e8\u5206\u3002\n\nIBM Security Verify Directory 10.0.0\u7248\u672c\u5b58\u5728\u52a0\u5bc6\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4f7f\u7528\u5f31\u7684\u52a0\u5bc6\u7b97\u6cd5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u9ad8\u5ea6\u654f\u611f\u7684\u4fe1\u606f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.ibm.com/support/pages/node/7145001",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-15730",
  "openTime": "2024-04-02",
  "patchDescription": "IBM Security Verify Directory\u662f\u7f8e\u56fd\u56fd\u9645\u5546\u4e1a\u673a\u5668\uff08IBM\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u8eab\u4efd\u9a8c\u8bc1\u548c\u8bbf\u95ee\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u7684\u4e00\u90e8\u5206\u3002\r\n\r\nIBM Security Verify Directory 10.0.0\u7248\u672c\u5b58\u5728\u52a0\u5bc6\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4f7f\u7528\u5f31\u7684\u52a0\u5bc6\u7b97\u6cd5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u9ad8\u5ea6\u654f\u611f\u7684\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM Security Verify Directory\u52a0\u5bc6\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "IBM Security Verify Directory 10.0.0"
  },
  "referenceLink": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444",
  "serverity": "\u4e2d",
  "submitTime": "2024-03-26",
  "title": "IBM Security Verify Directory\u52a0\u5bc6\u95ee\u9898\u6f0f\u6d1e"
}

FKIE_CVE-2022-32753

Vulnerability from fkie_nvd - Published: 2024-03-22 16:15 - Updated: 2024-11-21 07:06

Severity

4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/228444	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www.ibm.com/support/pages/node/7145001	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/228444	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ibm.com/support/pages/node/7145001	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	security_verify_directory	10.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "213D3285-0B6B-49AD-81C2-7265F3349B09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444."
    },
    {
      "lang": "es",
      "value": "IBM Security Verify Directory 10.0.0 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial. ID de IBM X-Force: 228444."
    }
  ],
  "id": "CVE-2022-32753",
  "lastModified": "2024-11-21T07:06:53.723",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-03-22T16:15:07.977",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/7145001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/7145001"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "psirt@us.ibm.com",
      "type": "Secondary"
    }
  ]
}

GHSA-G8QP-8HW4-2MF9

Vulnerability from github – Published: 2024-03-22 18:30 – Updated: 2024-03-22 18:30

Details

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444.

Severity

4.5 (Medium)


                  
                    CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-32753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-22T16:15:07Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.",
  "id": "GHSA-g8qp-8hw4-2mf9",
  "modified": "2024-03-22T18:30:31Z",
  "published": "2024-03-22T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32753"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7145001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-32753

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444.

Aliases

CVE-2022-32753

Aliases

CVE-2022-32753

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-32753",
    "id": "GSD-2022-32753"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-32753"
      ],
      "details": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444.",
      "id": "GSD-2022-32753",
      "modified": "2023-12-13T01:19:12.174944Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "ID": "CVE-2022-32753",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Security Verify Directory",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "10.0.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "IBM"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-326",
                "lang": "eng",
                "value": "CWE-326 Inadequate Encryption Strength"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.ibm.com/support/pages/node/7145001",
            "refsource": "MISC",
            "url": "https://www.ibm.com/support/pages/node/7145001"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "213D3285-0B6B-49AD-81C2-7265F3349B09",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  228444."
          },
          {
            "lang": "es",
            "value": "IBM Security Verify Directory 10.0.0 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial. ID de IBM X-Force: 228444."
          }
        ],
        "id": "CVE-2022-32753",
        "lastModified": "2024-04-01T15:29:18.843",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 0.9,
              "impactScore": 3.6,
              "source": "psirt@us.ibm.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-03-22T16:15:07.977",
        "references": [
          {
            "source": "psirt@us.ibm.com",
            "tags": [
              "VDB Entry",
              "Vendor Advisory"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228444"
          },
          {
            "source": "psirt@us.ibm.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.ibm.com/support/pages/node/7145001"
          }
        ],
        "sourceIdentifier": "psirt@us.ibm.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-326"
              }
            ],
            "source": "psirt@us.ibm.com",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

WID-SEC-W-2024-3571

Vulnerability from csaf_certbund - Published: 2024-12-01 23:00 - Updated: 2024-12-01 23:00

Summary

HCL Commerce: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Commerce ist eine e-Commerce Anwendung von HCL.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in HCL Commerce ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2022-32751

Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert in der Komponente IBM Security Verify Directory. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

Affected products

Known affected 5 products

Product	Identifier	Version
HCL Commerce IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021 HCL / Commerce		IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021
HCL Commerce 9.1 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9.1`	9.1
HCL Commerce IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028 HCL / Commerce		IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028
HCL Commerce 9 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9`	9
HCL Commerce 8 HCL / Commerce	`cpe:/a:hcltechsw:commerce:8`	8

CVE-2022-32753

Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert wegen eines schwachen kryptographischen Algorithmus in der Komponente IBM Security Verify Directory. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

Affected products

Known affected 5 products

Product	Identifier	Version
HCL Commerce IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021 HCL / Commerce		IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021
HCL Commerce 9.1 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9.1`	9.1
HCL Commerce IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028 HCL / Commerce		IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028
HCL Commerce 9 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9`	9
HCL Commerce 8 HCL / Commerce	`cpe:/a:hcltechsw:commerce:8`	8

CVE-2022-33165

Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert in der IBM Security Directory Server-Komponente und ermöglicht die Durchführung eines Directory Traversal unter Verwendung von „dot dot“-Sequenzen (/../). Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um beliebige Dateien auf dem System anzuzeigen.

Affected products

Known affected 5 products

Product	Identifier	Version
HCL Commerce IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021 HCL / Commerce		IBM Security Directory Suite <8.0.1-ISS-ISDS-FP0021
HCL Commerce 9.1 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9.1`	9.1
HCL Commerce IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028 HCL / Commerce		IBM Security Directory Server <6.4.0.28-ISS-ISDS-IF0028
HCL Commerce 9 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9`	9
HCL Commerce 8 HCL / Commerce	`cpe:/a:hcltechsw:commerce:8`	8

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.hcl-software.com/community?id=com…	external
https://support.hcl-software.com/csm?id=kb_articl…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Commerce ist eine e-Commerce Anwendung von HCL.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in HCL Commerce ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3571 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3571.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3571 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3571"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2024-12-01",
        "url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=040503ef478e569833723c5c716d43a5"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2024-12-01",
        "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117599"
      }
    ],
    "source_lang": "en-US",
    "title": "HCL Commerce: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2024-12-01T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-02T10:03:52.039+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3571",
      "initial_release_date": "2024-12-01T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-12-01T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "HCL Commerce 8",
                  "product_id": "T039521",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "HCL Commerce 9",
                  "product_id": "T039522",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1",
                "product": {
                  "name": "HCL Commerce 9.1",
                  "product_id": "T039523",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:9.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "IBM Security Directory Suite \u003c8.0.1-ISS-ISDS-FP0021",
                "product": {
                  "name": "HCL Commerce IBM Security Directory Suite \u003c8.0.1-ISS-ISDS-FP0021",
                  "product_id": "T039524"
                }
              },
              {
                "category": "product_version",
                "name": "IBM Security Directory Suite 8.0.1-ISS-ISDS-FP0021",
                "product": {
                  "name": "HCL Commerce IBM Security Directory Suite 8.0.1-ISS-ISDS-FP0021",
                  "product_id": "T039524-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:ibm_security_directory_suite__8.0.1-iss-isds-fp0021"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "IBM Security Directory Server \u003c6.4.0.28-ISS-ISDS-IF0028",
                "product": {
                  "name": "HCL Commerce IBM Security Directory Server \u003c6.4.0.28-ISS-ISDS-IF0028",
                  "product_id": "T039525"
                }
              },
              {
                "category": "product_version",
                "name": "IBM Security Directory Server 6.4.0.28-ISS-ISDS-IF0028",
                "product": {
                  "name": "HCL Commerce IBM Security Directory Server 6.4.0.28-ISS-ISDS-IF0028",
                  "product_id": "T039525-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:ibm_security_directory_server__6.4.0.28-iss-isds-if0028"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Commerce"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-32751",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert in der Komponente IBM Security Verify Directory. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039524",
          "T039523",
          "T039525",
          "T039522",
          "T039521"
        ]
      },
      "release_date": "2024-12-01T23:00:00.000+00:00",
      "title": "CVE-2022-32751"
    },
    {
      "cve": "CVE-2022-32753",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert wegen eines schwachen kryptographischen Algorithmus in der Komponente IBM Security Verify Directory. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039524",
          "T039523",
          "T039525",
          "T039522",
          "T039521"
        ]
      },
      "release_date": "2024-12-01T23:00:00.000+00:00",
      "title": "CVE-2022-32753"
    },
    {
      "cve": "CVE-2022-33165",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL Commerce. Dieser Fehler existiert in der IBM Security Directory Server-Komponente und erm\u00f6glicht die Durchf\u00fchrung eines Directory Traversal unter Verwendung von \u201edot dot\u201c-Sequenzen (/../). Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um beliebige Dateien auf dem System anzuzeigen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039524",
          "T039523",
          "T039525",
          "T039522",
          "T039521"
        ]
      },
      "release_date": "2024-12-01T23:00:00.000+00:00",
      "title": "CVE-2022-33165"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-32753 (GCVE-0-2022-32753)

CNVD-2024-15730

FKIE_CVE-2022-32753

GHSA-G8QP-8HW4-2MF9

GSD-2022-32753

WID-SEC-W-2024-3571

Tags

Sightings

Nomenclature