Lucene search

IbmVULNRICHMENT:CVE-2024-28784

HistoryMar 27, 2024 - 12:33 p.m.

CVE-2024-28784 IBM QRadar cross-site scripting

2024-03-2712:33:45

CWE-79

ibm

github.com

ibm

qradar

siem

vulnerability

disclosure

cross-site scripting

javascript

web ui

credentials disclosure

trusted session.

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

6.2

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.

CNA Affected

[
  {
    "vendor": "IBM",
    "product": "QRadar SIEM",
    "versions": [
      {
        "status": "affected",
        "version": "7.5"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/285893

https://www.ibm.com/support/pages/node/7145260