CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38383 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2022-38383
28 Jun 2024 — IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente páginas web que pueden ser leídas por otro usuario en el sistema. ID de IBM X-Force: 233673. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233673 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47726 – IBM QRadar Suite improper input validation
https://notcve.org/view.php?id=CVE-2023-47726
18 Jun 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087. IBM QRadar Suite Software 1.10.12.0 a 1.10.21.0 e IBM Cloud Pak for Security 1.10.12.0 a 1.10.21.0 podrían permitir que un usuario autenticado ejecute ciertos comandos arbitrarios debido a una validación de entrada incorrecta. ID de IBM X-Force: 272087. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272087 • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47727 – IBM QRadar Suite Software file manipulation
https://notcve.org/view.php?id=CVE-2023-47727
02 May 2024 — IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089. IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite Software 1.10.12.0 a 1.10.20.0 podrían permitir a un usuario autenticado modificar los parámetros del panel debido a una validación de entrada incorrecta. ID de IBM X-Force: 272089. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272089 • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38386 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2022-38386
01 May 2024 — IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite for Software 1.10.12.0 through 1.10.19.0 does not set the SameSite attribute for sensitive cookies which could allow an attacker to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 233778. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite for Software 1.10.12.0 a 1.10.19.0 no configuran el atributo SameSite para cookies confidenciales que podrían permitir a un atacante ob... • https://exchange.xforce.ibmcloud.com/vulnerabilities/233778 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47731 – IBM QRadar Suite Software cross-site scripting
https://notcve.org/view.php?id=CVE-2023-47731
23 Apr 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 272203. IBM QRadar Suite Software 1.10.12.0 a 1.10.19.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 son vulnerables a cross-site scripting... • https://exchange.xforce.ibmcloud.com/vulnerabilities/272203 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28782 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28782
03 Apr 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698. IBM QRadar Suite Software 1.10.12.0 a 1.10.18.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan las credenciales de usuario en texto sin formato que puede ser leído por un usuario autenticado. ID de IBM X-Force: 285698. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285698 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50951 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2023-50951
17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 en algunas circunstancias registrarán información confidencial sobre intentos de autorización no válidos. ID de IBM X-Force: 275747. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275747 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22337 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-22337
17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279977. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279977 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22336 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-22336
17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279976. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279976. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279976 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22335 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-22335
17 Feb 2024 — IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279975. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279975 • CWE-532: Insertion of Sensitive Information into Log File •