Medium Severity

Security Bulletin: IBM Navigator for i is vulnerable to an SQL injection (CVE-2022-22495)

Share this post:

IBM Navigator for i provides server administration functionality via a robust graphical user interface. IBM Navigator for i is vulnerable to an SQL injection as described in the vulnerability details section. The vulnerabilty is fixed by applying the latest HTTP Server for i group PTF as described in Remediation/Fixes section.

CVE(s): CVE-2022-22495

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM i 7.5
IBM i 7.4
IBM i 7.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6589203
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226941

More stories

Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22436)

July 5, 2022 | Medium Severity

IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more


Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22435)

July 5, 2022 | Medium Severity

IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more


Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

July 5, 2022 | Medium Severity

There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. ...read more