CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30993 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2023-30993
IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254136 https://www.ibm.com/support/pages/node/6995221 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-23468 – IBM Robotic Process Automation for Cloud Pak access control
https://notcve.org/view.php?id=CVE-2023-23468
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244500 https://www.ibm.com/support/pages/node/7005999 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-22593 – IBM Robotic Process Automation for Cloud Pak security configuration
https://notcve.org/view.php?id=CVE-2023-22593
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244074 https://www.ibm.com/support/pages/node/7006001 • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-34352 – IBM QRadar information disclosure
https://notcve.org/view.php?id=CVE-2022-34352
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230403 https://www.ibm.com/support/pages/node/7006057 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-26274 – IBM QRadar cross-site scripting
https://notcve.org/view.php?id=CVE-2023-26274
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248144 https://www.ibm.com/support/pages/node/7006085 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •