Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22330

Опубликовано: 13 сент. 2022
Источник: nvd
CVSS3: 3.7
CVSS3: 5.3
EPSS Низкий

Описание

IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:control_desk:7.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:control_desk:7.6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:control_desk:7.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:control_desk:7.6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:control_desk:7.6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:control_desk:7.6.1.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%
0.00134
Низкий

3.7 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-732

Связанные уязвимости

github логотип

GHSA-2p6v-c8r2-4f2q

CVSS3: 5.3
github
больше 3 лет назад

IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126.

EPSS

Процентиль: 34%
0.00134
Низкий

3.7 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-732