Lucene search
HistoryFeb 02, 2024 - 4:15 a.m.
CVE-2023-38263
ibm
soar
qradar
plugin
app
cve-2023-38263
security
vulnerability
access control
x-force id 260577
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.0%
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 260577.
Affected configurations
Node
ibmsoar_qradar_plugin_appRange1.0–5.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | soar_qradar_plugin_app | * | cpe:2.3:a:ibm:soar_qradar_plugin_app:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SOAR QRadar Plugin App",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "5.0.3",
"status": "affected",
"version": "1.0",
"versionType": "semver"
}
]
}
]Related
cnvd
cnvd
IBM SOAR QRadar Plugin App Access Control Error Vulnerability
2024-02-02 00:00:00
prion
prion
Improper access control
2024-02-02 04:15:00
cvelist
cvelist
CVE-2023-38263 IBM SOAR QRadar Plugin App improper access controls
2024-02-02 03:33:13
nvd
nvd
CVE-2023-38263
2024-02-02 04:15:08
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.0%
Related for CVE-2023-38263