Page 2 of 20 results (0.131 seconds)

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

28 Jun 2024 — IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente páginas web que pueden ser leídas por otro usuario en el sistema. ID de IBM X-Force: 233673. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233673 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

18 Jun 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087. IBM QRadar Suite Software 1.10.12.0 a 1.10.21.0 e IBM Cloud Pak for Security 1.10.12.0 a 1.10.21.0 podrían permitir que un usuario autenticado ejecute ciertos comandos arbitrarios debido a una validación de entrada incorrecta. ID de IBM X-Force: 272087. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272087 • CWE-1287: Improper Validation of Specified Type of Input •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

02 May 2024 — IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089. IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite Software 1.10.12.0 a 1.10.20.0 podrían permitir a un usuario autenticado modificar los parámetros del panel debido a una validación de entrada incorrecta. ID de IBM X-Force: 272089. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272089 • CWE-1287: Improper Validation of Specified Type of Input •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

01 May 2024 — IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite for Software 1.10.12.0 through 1.10.19.0 does not set the SameSite attribute for sensitive cookies which could allow an attacker to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 233778. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite for Software 1.10.12.0 a 1.10.19.0 no configuran el atributo SameSite para cookies confidenciales que podrían permitir a un atacante ob... • https://exchange.xforce.ibmcloud.com/vulnerabilities/233778 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

23 Apr 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 272203. IBM QRadar Suite Software 1.10.12.0 a 1.10.19.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 son vulnerables a cross-site scripting... • https://exchange.xforce.ibmcloud.com/vulnerabilities/272203 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0

03 Apr 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698. IBM QRadar Suite Software 1.10.12.0 a 1.10.18.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan las credenciales de usuario en texto sin formato que puede ser leído por un usuario autenticado. ID de IBM X-Force: 285698. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285698 • CWE-256: Plaintext Storage of a Password •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 en algunas circunstancias registrarán información confidencial sobre intentos de autorización no válidos. ID de IBM X-Force: 275747. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275747 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0

17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279977. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279977 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279976. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279976. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279976 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279975. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279975 • CWE-532: Insertion of Sensitive Information into Log File •