Apr 11, 2024 - 1:37 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (CVE-2024-28784)

2024-04-11 13:37:44
www.ibm.com
Tags: ibm qradar siem, cross-site scripting, vulnerability, update, security advisory

CVSS3: 5.4 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.0004 Low (Percentile: 9.1%)

Summary

IBM QRadar SIEM is vulnerable to cross-site scripting. This vulnerability has been addressed in the update.

Vulnerability Details

CVEID: CVE-2024-28784
**DESCRIPTION:** IBM QRadar SIEM is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/285893 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

| Affected Product(s) | Version(s) |
| --- | --- |
| IBM QRadar SIEM | 7.5 - 7.5.0 UP7 IF06 |

Remediation/Fixes

IBM strongly encourages customers to update their systems promptly.

| Product | Version | Fix |
| --- | --- | --- |
| IBM QRadar SIEM | 7.5.0 | 7.5.0 UP8 |

Workarounds and Mitigations

None

Affected configurations

Vulners node: ibm qradar_network_security, match 7.5

| CPE Name | Operator | Version |
| --- | --- | --- |
| ibm security qradar siem | eq | 7.5 |
