Medium Severity
Security Bulletin: IBM Navigator for i is vulnerable to an SQL injection (CVE-2022-22495)
May 23, 2022
Categorized: Medium Severity
Share this post:
IBM Navigator for i provides server administration functionality via a robust graphical user interface. IBM Navigator for i is vulnerable to an SQL injection as described in the vulnerability details section. The vulnerabilty is fixed by applying the latest HTTP Server for i group PTF as described in Remediation/Fixes section.
CVE(s): CVE-2022-22495
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM i | 7.5 |
| IBM i | 7.4 |
| IBM i | 7.3 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6589203
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226941
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22436)
July 5, 2022 | Medium Severity
IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22435)
July 5, 2022 | Medium Severity
IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more
Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)
July 5, 2022 | Medium Severity
There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. ...read more