VYPR
Medium severity6.3NVD Advisory· Published Dec 22, 2022· Updated Jun 17, 2026

CVE-2022-43859

CVE-2022-43859

Description

IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/IBM Navigator for illm-fuzzy2 versions
    7.3, 7.4, and 7.5+ 1 more
    • (no CPE)range: 7.3, 7.4, and 7.5
    • (no CPE)range: 7.3, 7.4, 7.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.