3 matches found
Security Bulletin: IBM QRadar SIEM is vulnerable to possible information disclosure [CVE-2023-22875]
Summary IBM QRadar SIEM copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. The key remains within the QRadar deployment. However, if you allow users other than QRadar system administrators to access manag...
CVE-2023-22875
IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356...
CVE-2023-22875
Summary (CVE-2023-22875): IBM QRadar SIEM 7.4 and 7.5 copies SSL/TLS certificate key files from the web UI to managed hosts that do not require the key, creating a possible information disclosure of the admin web server key. Root cause described as misdistribution of certificate keys within the d...