CVE-2022-43581

📊 7.5 HIGH⚡ 0.1%🎯 0 exploits

📅 Published Dec 7, 2022

📋 Status: Modified

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	ibm	content navigator	≥ 3.0.0 ∧ ≤ 3.0.12	Vulnerable	cpe:2.3:a:ibm:content_navigator::::::::

📱

ibm / content navigator

Application

Vulnerable

Version: ≥ 3.0.0 ∧ ≤ 3.0.12

CPE:

cpe:2.3:a:ibm:content_navigator:*:*:*:*:*:*:*:*

Metrics

7.5 HIGHCVSS v3.1[email protected]

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector:

NETWORK

Complexity:

HIGH

Privileges:

LOW

User Interaction:

NONE

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Modified

CVSS Details

7.5 (HIGH)v3.1

Source: [email protected]

EPSS Details

0.1% (Minimal)34.5th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Dec 7, 2022 (2 years ago)

Last Modified

Nov 21, 2024 (11 months ago)

Security Weaknesses2

CWE-119CWE-862

References3

NVDpatchadvisory