CVE-2022-2238

MEDIUM Year: 2022
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-89
View all →

Vulnerability Description

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special characters that lead to crashing the pod and affects system availability while restarting.

Related Vulnerabilities

CVE-2015-6004

MEDIUM
CVSS:6.5(Medium)

Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.as...

CWE-892015

CVE-2015-6433

MEDIUM
CVSS:6.5(Medium)

SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.

CWE-892015

CVE-2016-1308

MEDIUM
CVSS:6.5(Medium)

SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.

CWE-892016

CVE-2016-1437

MEDIUM
CVSS:6.5(Medium)

SQL injection vulnerability in the SQL database in Cisco Prime Collaboration Deployment before 11.5.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID ...

CWE-892016

CVE-2016-2950

MEDIUM
CVSS:6.5(Medium)

SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CWE-892016

CVE-2016-5653

MEDIUM
CVSS:6.5(Medium)

Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.

CWE-892016