HomeVulnerabilityVulnerability found in IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 (CVE-2022-22493)

Vulnerability found in IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 (CVE-2022-22493)

October 8, 2022
Vulnerability found in IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 (CVE-2022-22493)

Alert Severity: High

Issue Date: 2022-10-07

CVE(s): CVE-2022-22493

CVSS: 8.8

Impacted Products and Versions:

All versions of IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps up to and including 1.4.2

Description:

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps is vulnerable to cross-site request forgery, caused by improper cookie attribute setting.

Mitigation:

IBM has fixed this vulnerability; impacted users/admins are advised to upgrade the software version to 1.4.2 or higher.

Tags:,

Related Posts

Add a Comment

Your email address will not be published.