CVE-2022-22353
Published Mar 14, 2022
Last updated 3 years ago
Overview
- Description
- IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 3.6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:big_sql:7.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6280ECB3-44A0-4ABE-9649-ADCA36987041"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudera:data_platform:7.1.3:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "34D66F54-B5E4-4592-8D81-6F5FA5050AD2"
},
{
"criteria": "cpe:2.3:a:cloudera:data_platform:7.1.4:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "40696221-58E6-4007-A569-BC5CB092BCF9"
},
{
"criteria": "cpe:2.3:a:cloudera:data_platform:7.1.5:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6CA8E30F-9528-4807-B724-33541DD483AF"
},
{
"criteria": "cpe:2.3:a:cloudera:data_platform:7.1.7:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2A4E786D-B883-4901-9AEE-D9CC00D066F2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:big_sql:7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3499AC1D-FEB6-4E8D-8763-D6C41AE66E50"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:3.5:-:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "74BA5C30-0041-4DE6-A673-EACFCCE3E759"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:3.5:refresh_1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "441ADAEA-7036-48A2-8272-6F3493075499"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:3.5:refresh_9:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D9430C3-6D1E-46C2-A9F2-B416B266F10A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:big_sql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5710866-C865-4A15-88CA-E5CAA2CD1967",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:4.0:-:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89FB80EE-E435-4D86-82B1-4A5AC1D85245"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5428EB87-06D7-46E2-B8F5-CE01EF0C5C8A"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_3:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E552B244-DF27-46A5-AB04-C1AF91877F0A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:big_sql:7.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02A88E8-BA33-498A-9517-62EF82BE0C02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_4:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F53C3054-B4D0-4626-81D1-B0406DFD8466"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]