CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27269 – IBM QRadar SIEM information disclosure
https://notcve.org/view.php?id=CVE-2024-27269
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575. IBM QRadar SIEM 7.5 podría permitir a un usuario privilegiado configurar una gestión de usuarios que revelaría información confidencial no deseada entre los inquilinos. ID de IBM X-Force: 284575. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284575 https://www.ibm.com/support/pages/node/7150684 • CWE-286: Incorrect User Management •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50949 – IBM QRadar improper certificate validation
https://notcve.org/view.php?id=CVE-2023-50949
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706. IBM QRadar SIEM 7.5 podría permitir que un usuario no autorizado realice acciones no autorizadas debido a una validación de certificado incorrecta. ID de IBM X-Force: 275706. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275706 https://www.ibm.com/support/pages/node/7147933 • CWE-295: Improper Certificate Validation •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50961 – IBM QRadar cross-site scripting
https://notcve.org/view.php?id=CVE-2023-50961
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939. IBM QRadar SIEM 7.5 es vulnerable a cross-site scripting almacenadas. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275939 https://www.ibm.com/support/pages/node/7145262 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28784 – IBM QRadar cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28784
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893. IBM QRadar SIEM 7.5 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285893 https://https://www.ibm.com/support/pages/node/7145260 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •