Vulnerability Details
Basic Information
| Title | Security Bulletin: IBM InfoSphere Information Server is vulnerable to information disclosure (CVE-2022-22442) |
|---|---|
| Type | ibm |
| Published | 2025-04-29T02:26:22 |
| Last Seen | 2025-04-29T11:06:01 |
| CVSS Score | 6.5 (MEDIUM) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
CVE Information
| CVE IDs | CVE-2022-22442 |
|---|---|
| CWE | |
| Bulletin Family | software |
Description
An information disclosure vulnerability due to improper access controls was addressed in InfoSphere Information Server.
## Vulnerability Details
**CVEID:**CVE-2022-22442
**DESCRIPTION:** IBM InfoSphere Information Server could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224427 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
## Affected Products and Versions
Affected Product(s) | Version(s)
—|—
InfoSphere Information Server, Information Server on Cloud | 11.7
## Remediation/Fixes
**Product** | **VRMF** | **APAR** | **Remediation**
—|—|—|—
InfoSphere Information Server, InfoSphere Information Server on Cloud | 11.7 | JR64525 | \–Apply IBM InfoSphere Information Server version 11.7.1.0
\–Apply IBM InfoSphere Information Server version 11.7.1.4
## Workarounds and Mitigations
None
##
Impact Assessment
| Base Score | 6.5 |
|---|---|
| Severity | MEDIUM |