Lucene search

IbmCVELIST:CVE-2021-38874

HistoryApr 27, 2022 - 3:20 p.m.

CVE-2021-38874

2022-04-2715:20:31

ibm

www.cve.org

ibm

qradar

siem

access

boundary

security

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

19.6%

JSON

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.

CNA Affected

[
  {
    "product": "QRadar SIEM",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.3.3"
      },
      {
        "status": "affected",
        "version": "7.4.3"
      },
      {
        "status": "affected",
        "version": "7.5.0"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/208397

www.ibm.com/support/pages/node/6574787

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

19.6%

JSON

Related for CVELIST:CVE-2021-38874