CVE-2022-22494

Name of the Vulnerable Software and Affected Versions IBM Spectrum Protect Operations Center versions 8.1.0.000 through 8.1.14

Description The issue allows a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks.

Recommendations For versions 8.1.0.000 through 8.1.14, consider restricting access to the database until a patch is available. As a temporary workaround, avoid using HTTP requests that could reveal database details. At the moment, there is no information about a newer version that contains a fix for this vulnerability.