Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMD2E4583C3BDCE8EA99FD6B2A2E4193BA20D2D98655ADD288D5EBCC76D5ECA86F
HistoryFeb 01, 2024 - 7:17 p.m.

Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

2024-02-0119:17:04
www.ibm.com
3
ibm qradar assistant
vulnerabilities
framework libraries
cve-2022-38900
cve-2023-45857
cve-2022-25883
cve-2022-25927
update 3.6.1

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.6%

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM QRadar Assistant App for IBM QRadar SIEM has addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2022-38900
**DESCRIPTION:**decode-uri-component is vulnerable to a denial of service, caused by improper input validation by the decodeComponents function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241069 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-45857
**DESCRIPTION:**Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value in all requests to any server when the XSRF-TOKEN0 cookie is available, and the withCredentials setting is turned on, an attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/270574 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N)

CVEID:CVE-2022-25883
**DESCRIPTION:**Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/258647 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-25927
**DESCRIPTION:**Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245569 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
IBM QRadar Assistant 1.0.0 - 3.6.0

Remediation/Fixes

Update to 3.6.1

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq3.6.1

Related

ibm 65
cvelist 5
redhatcve 4
ubuntucve 3
osv 17
cgr 2
githubexploit 3
cve 5
veracode 4
prion 5
github 5
debiancve 3
wolfi 1
nessus 35
redhat 17
fedora 5
openvas 6
almalinux 5
oraclelinux 5
cbl_mariner 2
rocky 2
ibm
ibm
Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to the ua-parser-js module (CVE-2022-25927)
2023-04-20 12:34:23
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js ua-parser-js
2023-05-02 21:44:30
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2022-25927]
2023-03-03 15:05:05
cvelist
cvelist
CVE-2022-25927
2023-01-25 05:00:00
CVE-2023-45857
2023-11-08 00:00:00
CVE-2022-25883
2023-06-21 05:00:03
redhatcve
redhatcve
CVE-2022-25927
2023-01-27 12:05:22
CVE-2023-45857
2023-11-10 00:17:17
CVE-2022-38900
2023-02-16 21:29:43
ubuntucve
ubuntucve
CVE-2023-45857
2023-11-08 00:00:00
CVE-2022-25927
2023-01-26 00:00:00
CVE-2022-25883
2023-06-21 00:00:00
osv
osv
Axios Cross-Site Request Forgery Vulnerability
2023-11-08 21:30:37
ReDoS Vulnerability in ua-parser-js version
2023-01-24 15:36:32
CVE-2022-25927
2023-01-26 21:15:32
cgr
cgr
CVE-2023-45857 vulnerabilities
2024-05-19 03:07:16
CVE-2022-25883 vulnerabilities
2024-05-19 03:07:16
githubexploit
githubexploit
Exploit for Cross-Site Request Forgery (CSRF) in Axios
2023-10-26 04:18:03
Exploit for CVE-2023-45857
2023-10-18 12:19:34
Exploit for Cross-Site Request Forgery (CSRF) in Axios
2023-11-24 22:42:56
cve
cve
CVE-2022-25927
2023-01-26 21:15:00
CVE-2023-45857
2023-11-08 21:15:08
CVE-2022-38900
2022-11-28 13:15:00
veracode
veracode
Cross-Site Request Forgery
2023-11-09 07:07:08
Denial Of Service (DoS)
2022-11-29 02:52:14
Regular Expression Denial Of Service (ReDoS)
2023-01-25 03:43:06
prion
prion
Design/Logic Flaw
2023-11-08 21:15:00
Design/Logic Flaw
2023-01-26 21:15:00
Input validation
2022-11-28 13:15:00
github
github
ReDoS Vulnerability in ua-parser-js version
2023-01-24 15:36:32
Axios Cross-Site Request Forgery Vulnerability
2023-11-08 21:30:37
decode-uri-component vulnerable to Denial of Service (DoS)
2022-11-28 15:30:24
debiancve
debiancve
CVE-2023-45857
2023-11-08 21:15:08
CVE-2022-25883
2023-06-21 05:15:00
CVE-2022-25927
2023-01-26 21:15:00
wolfi
wolfi
CVE-2023-45857 vulnerabilities
2024-05-22 09:07:20
nessus
nessus
RHEL 6 : nodejs-semver (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 9 : pcs (RHSA-2023:6316)
2023-11-07 00:00:00
Fedora 37 : pcs (2023-ae96dd6105)
2023-07-01 00:00:00
redhat
redhat
(RHSA-2023:6316) Low: pcs security, bug fix, and enhancement update
2023-11-07 06:01:53
(RHSA-2023:4341) Moderate: Logging Subsystem 5.7.4 - Red Hat OpenShift bug fix and security update
2023-08-02 13:47:42
(RHSA-2023:5360) Important: nodejs:16 security, bug fix, and enhancement update
2023-09-26 14:25:50
fedora
fedora
[SECURITY] Fedora 37 Update: pcs-0.11.6-1.fc37
2023-07-01 00:38:09
[SECURITY] Fedora 38 Update: pcs-0.11.6-1.fc38
2023-07-01 01:46:23
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-5.fc37
2023-03-30 01:21:37
openvas
openvas
Fedora: Security Advisory for pcs (FEDORA-2023-ae96dd6105)
2023-07-02 00:00:00
Fedora: Security Advisory for pcs (FEDORA-2023-b86fd9ad80)
2023-07-02 00:00:00
Elastic Kibana 7.0.0 < 7.17.9, 8.0.0 < 8.6.1 DoS Vulnerability (ESA-2023-02)
2023-02-06 00:00:00
almalinux
almalinux
Low: pcs security, bug fix, and enhancement update
2023-11-07 00:00:00
Important: nodejs:18 security, bug fix, and enhancement update
2023-09-26 00:00:00
Important: nodejs:18 security, bug fix, and enhancement update
2023-09-26 00:00:00
oraclelinux
oraclelinux
pcs
2023-11-12 00:00:00
nodejs:18 security, bug fix, and enhancement update
2023-09-28 00:00:00
nodejs:16 security, bug fix, and enhancement update
2023-09-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-25883 affecting package nodejs for versions less than 16.20.1-2
2023-08-03 02:51:21
CVE-2022-25883 affecting package nodejs18 for versions less than 18.16.0-3
2023-08-03 02:51:21
rocky
rocky
nodejs:18 security, bug fix, and enhancement update
2023-10-05 21:35:58
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.6%

JSON
Related for D2E4583C3BDCE8EA99FD6B2A2E4193BA20D2D98655ADD288D5EBCC76D5ECA86F
ibm65cvelist5redhatcve4ubuntucve3osv17cgr2githubexploit3cve5veracode4prion5github5debiancve3wolfi1nessus35redhat17fedora5openvas6almalinux5oraclelinux5cbl_mariner2rocky2