Vulnerability Name: | CVE-2022-32222 (CCN-230662) | ||||||||||||
Assigned: | 2022-07-07 | ||||||||||||
Published: | 2022-07-07 | ||||||||||||
Updated: | 2023-07-24 | ||||||||||||
Summary: | |||||||||||||
CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||
Vulnerability Consequences: | Bypass Security | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-32222 Source: XF Type: UNKNOWN nodejs-cve202232222-sec-bypass(230662) Source: support@hackerone.com Type: Exploit support@hackerone.com Source: CCN Type: Node.js Blog, 2022-07-07 July 7th 2022 Security Releases Source: CCN Type: Node.js Blog, 2022-09-23 September 22nd 2022 Security Releases Source: CCN Type: IBM Security Bulletin 6603049 (Answer Retrieval for Watson Discovery) IBM Answer Retrieval for Watson Discovery is vulnerable to HTTP request smuggling due to NodeJS Source: CCN Type: IBM Security Bulletin 6611585 (Cloud Pak for Integration) Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 6619919 (Spectrum Protect Plus) Multiple vulnerabilities in Node.js may affect IBM Spectrum Protect Plus (CVE-2022-32223, CVE-2022-32215, CVE-2022-33987, CVE-2022-32213, CVE-2022-32212, CVE-2022-32222, CVE-2022-32214) Source: CCN Type: IBM Security Bulletin 6825155 (Watson Assistant for Cloud Pak for data) Multiple Vulnerabilities in node.js Source: CCN Type: IBM Security Bulletin 6825561 (Event Streams) Multiple vulnerabilities in Node.js affect IBM Event Streams Source: CCN Type: IBM Security Bulletin 6833888 (Business Automation Workflow traditional) Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow Source: CCN Type: IBM Security Bulletin 6840919 (Watson Discovery) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js Source: CCN Type: IBM Security Bulletin 6841799 (Planning Analytics Workspace) IBM Planning Analytics Workspace is affected by vulnerabilities in Node.js and Spring Data MongoDB | ||||||||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |