Lucene search

K
vulnrichmentIbmVULNRICHMENT:CVE-2022-38383
HistoryJun 28, 2024 - 7:03 p.m.

CVE-2022-38383 IBM Cloud Pak for Security information disclosure

2024-06-2819:03:43
CWE-525
ibm
github.com
1
cve-2022-38383
ibm cloud pak
security information disclosure
ibm qradar software suite
ibm x-force id
web pages
system
information disclosure

4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.

CNA Affected

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:qradar_suite:1.10.21.0:*:*:*:*:*:*:*"
    ],
    "vendor": "IBM",
    "product": "Cloud Pak for Security",
    "versions": [
      {
        "status": "affected",
        "version": "1.10.0.0",
        "versionType": "semver",
        "lessThanOrEqual": "1.10.11.0"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "IBM",
    "product": "QRadar Suite Software",
    "versions": [
      {
        "status": "affected",
        "version": "1.10.12.0",
        "versionType": "semver",
        "lessThanOrEqual": "1.10.21.0"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

Related for VULNRICHMENT:CVE-2022-38383