CVE-2022-22423 - Vulnerability Details - OpenCVE

IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Ibm	Aix Common Cryptographic Architecture I Powerlinux
Linux	Linux Kernel

Configuration 1 [-]

AND

cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4767:*:*:*

OR	cpe:2.3:o:ibm:aix:-:::::::*
	cpe:2.3:o:ibm:i:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4769:*:*:*

OR	cpe:2.3:o:ibm:aix:-:::::::*
	cpe:2.3:o:ibm:i:-:::::::*
	cpe:2.3:o:ibm:powerlinux:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*

No data.

References

Link	Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/223596
https://www.ibm.com/support/pages/node/6695893

History

Thu, 22 May 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2022-09-23T17:35:14.452Z

Updated: 2025-05-22T19:53:19.985Z

Reserved: 2022-01-03T00:00:00.000Z

Link: CVE-2022-22423

Vulnrichment

Updated: 2024-08-03T03:14:55.036Z

NVD

Status : Modified

Published: 2022-09-23T18:15:10.187

Modified: 2025-05-22T20:15:21.787

Link: CVE-2022-22423

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "CCA for MTM 4767", "vendor": "IBM", "versions": [{"status": "affected", "version": "5.7.11"}, {"status": "affected", "version": "5.0"}, {"status": "affected", "version": "5.1"}, {"status": "affected", "version": "5.2"}, {"status": "affected", "version": "5.3"}, {"status": "affected", "version": "5.4"}, {"status": "affected", "version": "5.5"}, {"status": "affected", "version": "5.6"}, {"status": "affected", "version": "5.7"}, {"status": "affected", "version": "7.0"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.3.43"}]}], "datePublic": "2022-09-22T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 5.7, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/S:C/I:N/AC:L/UI:N/PR:L/C:N/AV:L/A:H/RC:C/RL:O/E:U", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-23T17:35:14.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/6695893"}, {"name": "ibm-cca-cve202222423-dos (223596)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-09-22T00:00:00", "ID": "CVE-2022-22423", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CCA for MTM 4767", "version": {"version_data": [{"version_value": "5.7.11"}, {"version_value": "5.0"}, {"version_value": "5.1"}, {"version_value": "5.2"}, {"version_value": "5.3"}, {"version_value": "5.4"}, {"version_value": "5.5"}, {"version_value": "5.6"}, {"version_value": "5.7"}, {"version_value": "7.0"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.3.43"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596."}]}, "impact": {"cvssv3": {"BM": {"A": "H", "AC": "L", "AV": "L", "C": "N", "I": "N", "PR": "L", "S": "C", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/6695893", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6695893 (AIX)", "url": "https://www.ibm.com/support/pages/node/6695893"}, {"name": "ibm-cca-cve202222423-dos (223596)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:14:55.036Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/6695893"}, {"name": "ibm-cca-cve202222423-dos (223596)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-20", "lang": "en", "description": "CWE-20 Improper Input Validation"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-22T19:52:50.359722Z", "id": "CVE-2022-22423", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-22T19:53:19.985Z"}}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22423", "datePublished": "2022-09-23T17:35:14.452Z", "dateReserved": "2022-01-03T00:00:00.000Z", "dateUpdated": "2025-05-22T19:53:19.985Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.ibm.com/support/pages/node/6695893", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596", "name": "ibm-cca-cve202222423-dos (223596)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:14:55.036Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-22423", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-22T19:52:50.359722Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-22T19:51:08.247Z"}}], "cna": {"metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/S:C/I:N/AC:L/UI:N/PR:L/C:N/AV:L/A:H/RC:C/RL:O/E:U", "temporalScore": 5.7, "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "temporalSeverity": "MEDIUM", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "exploitCodeMaturity": "UNPROVEN", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "IBM", "product": "CCA for MTM 4767", "versions": [{"status": "affected", "version": "5.7.11"}, {"status": "affected", "version": "5.0"}, {"status": "affected", "version": "5.1"}, {"status": "affected", "version": "5.2"}, {"status": "affected", "version": "5.3"}, {"status": "affected", "version": "5.4"}, {"status": "affected", "version": "5.5"}, {"status": "affected", "version": "5.6"}, {"status": "affected", "version": "5.7"}, {"status": "affected", "version": "7.0"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.3.43"}]}], "datePublic": "2022-09-22T00:00:00.000Z", "references": [{"url": "https://www.ibm.com/support/pages/node/6695893", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596", "name": "ibm-cca-cve202222423-dos (223596)", "tags": ["vdb-entry", "x_refsource_XF"]}], "descriptions": [{"lang": "en", "value": "IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Denial of Service"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2022-09-23T17:35:14.000Z"}, "x_legacyV4Record": {"impact": {"cvssv3": {"BM": {"A": "H", "C": "N", "I": "N", "S": "C", "AC": "L", "AV": "L", "PR": "L", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "5.7.11"}, {"version_value": "5.0"}, {"version_value": "5.1"}, {"version_value": "5.2"}, {"version_value": "5.3"}, {"version_value": "5.4"}, {"version_value": "5.5"}, {"version_value": "5.6"}, {"version_value": "5.7"}, {"version_value": "7.0"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.3.43"}]}, "product_name": "CCA for MTM 4767"}]}, "vendor_name": "IBM"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.ibm.com/support/pages/node/6695893", "name": "https://www.ibm.com/support/pages/node/6695893", "title": "IBM Security Bulletin 6695893 (AIX)", "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596", "name": "ibm-cca-cve202222423-dos (223596)", "title": "X-Force Vulnerability Report", "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-22423", "STATE": "PUBLIC", "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-09-22T00:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2022-22423", "state": "PUBLISHED", "dateUpdated": "2025-05-22T19:53:19.985Z", "dateReserved": "2022-01-03T00:00:00.000Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2022-09-23T17:35:14.452Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4767:*:*:*", "matchCriteriaId": "39A7502A-F886-4450-9225-D4D17E337AD6", "versionEndExcluding": "5.7.12", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89", "vulnerable": false}, {"criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*", "matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4769:*:*:*", "matchCriteriaId": "1F53A060-170C-43FF-BDAF-4486B336B122", "versionEndExcluding": "7.3.44", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89", "vulnerable": false}, {"criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*", "matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21", "vulnerable": false}, {"criteria": "cpe:2.3:o:ibm:powerlinux:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3A6025C-AD68-4725-8748-9EA44D3231E3", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596."}, {"lang": "es", "value": "IBM Common Cryptographic Architecture (versiones CCA 5.x MTM para 4767 y CCA 7.x MTM para 4769) podr\u00eda permitir a un usuario local causar una denegaci\u00f3n de servicio debido a una comprobaci\u00f3n de entrada inapropiada. IBM X-Force ID: 223596."}], "id": "CVE-2022-22423", "lastModified": "2025-05-22T20:15:21.787", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-23T18:15:10.187", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6695893"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6695893"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}