Security Advisory

CVE-2022-43859

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-22 20:41:40

Last updated 2025-04-15 14:30:33

Assigner ibm

State PUBLISHED

Description

IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304.

← Browse all CVEs View on cve.org ↗