Unrated severityNVD Advisory· Published Mar 14, 2022· Updated Sep 17, 2024

CVE-2022-22354

Description

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM X-Force ID: 220485.

Affected products

IBM/Spectrum Copy Data Managementv5
Range: 2.2.0.0
IBM/Spectrum Protect Servercpe-rescue
Range: 10.1.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

exchange.xforce.ibmcloud.com/vulnerabilities/220485mitrevdb-entryx_refsource_XF
www.ibm.com/support/pages/node/6562479mitrex_refsource_CONFIRM
www.ibm.com/support/pages/node/6562989mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000