CVE-2022-34333

MEDIUM

IBM Sterling Order Management 10.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698.

References (2)

Scores

CVSS v3 5.9
EPSS 0.0027
EPSS Percentile 50.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-521
Status published
Products (1)
ibm/sterling_order_management 10
Published Apr 07, 2023
Tracked Since Feb 18, 2026