Sensitive Information Exposure in IBM Spectrum Protect Operations Center

Sensitive Information Exposure in IBM Spectrum Protect Operations Center

CVE-2022-22484 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.

Learn more about our User Device Pen Test.