CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47728 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2023-47728
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. This information could be used in further attacks against the system. IBM X-Force ID: 272201. • https://www.ibm.com/support/pages/node/7161427 https://exchange.xforce.ibmcloud.com/vulnerabilities/272201 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25024 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281430 https://www.ibm.com/support/pages/node/7165488 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28799 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28799
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local user during back-end commands which may result in the unexpected disclosure of this information under certain conditions. IBM X-Force ID: 287173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 https://www.ibm.com/support/pages/node/7165488 • CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38382 – IBM Cloud Pak for Security session fixation
https://notcve.org/view.php?id=CVE-2022-38382
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another user to obtain sensitive information. IBM X-Force ID: 233672. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233672 https://www.ibm.com/support/pages/node/7165286 • CWE-613: Insufficient Session Expiration •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25023 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25023
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429. IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite Software 1.10.12.0 a 1.10.22.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 281429. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281429 https://www.ibm.com/support/pages/node/7159768 • CWE-312: Cleartext Storage of Sensitive Information •