How severe is CVE-2022-43887?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-43887?

This is classified as CWE-532, which is a common weakness in software security.

CVE-2022-43887

MEDIUM Year: 2022

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-532

View all →

Vulnerability Description

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to log files. If these keys contain sensitive information, it could lead to further attacks. IBM X-Force ID: 240450.

CVE-2015-1343

MEDIUM

CVSS:5.3(Medium)

All versions of unity-scope-gdrive logs search terms to syslog.

CWE-5322015

CVE-2017-1198

MEDIUM

CVSS:5.3(Medium)

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs vi...

CWE-5322017

CVE-2017-17675

MEDIUM

CVSS:5.3(Medium)

BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names a...

CWE-5322017

CVE-2018-10889

MEDIUM

CVSS:5.3(Medium)

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester.

CWE-5322018