Rewterz Threat Advisory – CVE-2022-43581 – IBM Content Navigator Vulnerability

December 8, 2022

Severity

High

Analysis Summary

CVE-2022-43581

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2022-43581

Affected Vendors

IBM

Affected Products

IBM Content Navigator 3.0.0
IBM Content Navigator 3.0.1
IBM Content Navigator 3.0.2
IBM Content Navigator 3.0.3
IBM Content Navigator 3.0.4
IBM Content Navigator 3.0.7
IBM Content Navigator 3.0.8
IBM Content Navigator 3.0.9
IBM Content Navigator 3.0.10
IBM Content Navigator 3.0.11
IBM Content Navigator 3.0.12
IBM Content Navigator 3.0.5
IBM Content Navigator 3.0.6

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory