CVE-2022-22307: 
IBM Guardium Appliance vulnerability analysis and mitigation

IBM Security Guardium versions 11.3, 11.4, and 11.5 were found to contain a vulnerability that could allow a local user to obtain elevated privileges due to incorrect authorization checks. The vulnerability was assigned CVE-2022-22307 and IBM X-Force ID 216753. The issue was disclosed and addressed by IBM through security updates (IBM Advisory).

The vulnerability is classified as an incorrect authorization check issue (CWE-863). According to the National Vulnerability Database, it received a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while IBM Corporation assessed it with a CVSS score of 4.4 (MEDIUM) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N (NVD).

The vulnerability could allow a local user with low privileges to escalate their privileges on the affected system. The impact assessment varies between NVD and IBM, with NVD indicating high potential impact on confidentiality, integrity, and availability, while IBM's assessment suggests lower impact levels (NVD).

IBM has released security fixes for all affected versions: 11.3, 11.4, and 11.5. The fixes are available through IBM Fix Central, and customers are encouraged to update their systems promptly (IBM Advisory).