CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22355 – IBM QRadar Suite information dislosure
https://notcve.org/view.php?id=CVE-2024-22355
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280781 https://www.ibm.com/support/pages/node/7129328 • CWE-521: Weak Password Requirements •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47742 – IBM QRadar Suite information dislosure
https://notcve.org/view.php?id=CVE-2023-47742
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: 272533. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272533 https://www.ibm.com/support/pages/node/7129328 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •