How severe is CVE-2022-43539?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.5 out of 10.

What type of vulnerability is CVE-2022-43539?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2022-43539

MEDIUM Year: 2022

CVSS v3 Score

4.5

Medium

Weakness Type

CWE-200

View all →

Vulnerability Description

A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that allows for unauthorized actions as a privileged user on the ClearPass Policy Manager cluster in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.

CVE-2021-33687

MEDIUM

CVSS:4.5(Medium)

SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other...

CWE-2002021

CVE-2024-24758

MEDIUM

CVSS:4.5(Medium)

Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authentication` headers. This issue has...

CWE-2002024

CVE-2015-7418

MEDIUM

CVSS:4.4(Medium)

IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator priv...

CWE-2002015

CVE-2015-7462

MEDIUM

CVSS:4.4(Medium)

IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertc...

CWE-2002015

CVE-2015-7846

MEDIUM

CVSS:4.6(Medium)

Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information.

CWE-2002015

CVE-2015-7946

MEDIUM

CVSS:4.6(Medium)

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency diale...

CWE-2002015

CVE-2022-43539

Vulnerability Description

Related Vulnerabilities

CVE-2021-33687

CVE-2024-24758

CVE-2015-7418

CVE-2015-7462

CVE-2015-7846

CVE-2015-7946