CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43880 – IBM QRadar WinCollect Agent
https://notcve.org/view.php?id=CVE-2022-43880
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240151 https://www.ibm.com/support/pages/node/6980843 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22355 – IBM QRadar Suite information dislosure
https://notcve.org/view.php?id=CVE-2024-22355
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280781 https://www.ibm.com/support/pages/node/7129328 • CWE-521: Weak Password Requirements •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47742 – IBM QRadar Suite information dislosure
https://notcve.org/view.php?id=CVE-2023-47742
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: 272533. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272533 https://www.ibm.com/support/pages/node/7129328 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47745 – IBM MQ Container information disclosure
https://notcve.org/view.php?id=CVE-2023-47745
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. IBM X-Force ID: 272638. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272638 https://www.ibm.com/support/pages/node/7126571 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27255 – IBM MQ Container information disclosure
https://notcve.org/view.php?id=CVE-2024-27255
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 283905. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283905 https://www.ibm.com/support/pages/node/7126571 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •