{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T18:09:58.089","vulnerabilities":[{"cve":{"id":"CVE-2022-41296","sourceIdentifier":"psirt@us.ibm.com","published":"2022-12-12T09:15:12.760","lastModified":"2026-06-17T05:02:58.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210."},{"lang":"es","value":"IBM Db2U 3.5, 4.0 y 4.5 es vulnerable a Cross-Site Request Forgery (CSRF), lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el sitio web. ID de IBM X-Force: 237210."}],"affected":[{"source":"psirt@us.ibm.com","affectedData":[{"vendor":"IBM","product":"Db2U","defaultStatus":"unaffected","versions":[{"version":"3.5, 4.0, 4.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-01T18:50:52.073301Z","id":"CVE-2022-41296","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:3.5:-:*:*:*:*:*:*","matchCriteriaId":"634480F6-1D26-4462-94C3-24DFCA3F4027"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:3.5:refresh_10:*:*:*:*:*:*","matchCriteriaId":"0368BC26-3A80-4B70-8052-3F47B1484E74"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:4.0:-:*:*:*:*:*:*","matchCriteriaId":"EAC644E7-70FB-4BAE-81C7-5E9C89CB24B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:4.0:refresh_9:*:*:*:*:*:*","matchCriteriaId":"4A557DCC-6343-4C56-8B60-FCBEB6426D42"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:4.5:-:*:*:*:*:*:*","matchCriteriaId":"C8D52709-C590-40A2-8486-8AFE5D8D4F2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:4.5:refresh_3:*:*:*:*:*:*","matchCriteriaId":"BE38A78C-1EA6-45AA-9551-8B17BE9C9327"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:3.5:-:*:*:*:*:*:*","matchCriteriaId":"FEC9BE0B-76A7-41BF-BE22-7F8C167DF243"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:3.5:refresh_10:*:*:*:*:*:*","matchCriteriaId":"A8C0972A-C0A7-4497-AE6F-D5F266F1DBF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:4.0:-:*:*:*:*:*:*","matchCriteriaId":"AE87E729-F00A-43F8-91FF-BAA8B4B3986C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:4.0:refresh_9:*:*:*:*:*:*","matchCriteriaId":"353A9E03-50CD-46E0-A5AB-351AA426007F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:4.5:-:*:*:*:*:*:*","matchCriteriaId":"E2CBB056-CC8A-4A34-AA3C-CDC7D8DE2426"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2_warehouse:4.5:refresh_3:*:*:*:*:*:*","matchCriteriaId":"2D823704-6F82-47BE-8658-466ECD051451"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/237210","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6843071","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/237210","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230120-0003/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.ibm.com/support/pages/node/6843071","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}