CVE-2022-42443

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-42443
An undisclosed issue in Trusteer iOS SDK for mobile versions prior to 5.7 and Trusteer Android SDK for mobile versions prior to 5.7 may allow uploading of files. IBM X-Force ID: 238535.

2.2 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.7 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 Vendor Advisory
https://www.ibm.com/support/pages/node/6967785 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 Vendor Advisory
https://www.ibm.com/support/pages/node/6967785 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:trusteer_android_sdk_for_mobile:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:trusteer_ios_sdk_for_mobile:*:*:*:*:*:*:*:*
History

22 Jan 2025, 17:11

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 - Vendor Advisory
References () https://www.ibm.com/support/pages/node/6967785 - () https://www.ibm.com/support/pages/node/6967785 - Vendor Advisory
CWE NVD-CWE-noinfo
First Time Ibm
Ibm trusteer Android Sdk For Mobile
Ibm trusteer Ios Sdk For Mobile
CPE cpe:2.3:a:ibm:trusteer_ios_sdk_for_mobile:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:trusteer_android_sdk_for_mobile:*:*:*:*:*:*:*:*

21 Nov 2024, 07:24

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/238535 -
References () https://www.ibm.com/support/pages/node/6967785 - () https://www.ibm.com/support/pages/node/6967785 -

20 Feb 2024, 19:50

Type Values Removed Values Added
Summary
  • (es) Un problema no revelado en Trusteer iOS SDK para versiones móviles anteriores a 5.7 y Trusteer Android SDK para versiones móviles anteriores a 5.7 puede permitir la carga de archivos. ID de IBM X-Force: 238535.

17 Feb 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-17 17:15

Updated : 2025-01-22 17:11

NVD link : CVE-2022-42443

Mitre link : CVE-2022-42443

CVE.ORG link : CVE-2022-42443

JSON object : View

Products Affected

ibm

  • trusteer_android_sdk_for_mobile
  • trusteer_ios_sdk_for_mobile
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type

NVD-CWE-noinfo