Missing Authorization Vulnerability in IBM Content Navigator 3.0.x

Missing Authorization Vulnerability in IBM Content Navigator 3.0.x

CVE-2022-43581 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.

Learn more about our External Network Penetration Testing.