cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-47728,https://securityvulnerability.io/vulnerability/CVE-2023-47728,IBM QRadar Suite Software Vulnerability Could Lead to Sensitive Information Disclosure,IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. This information could be used in further attacks against the system. IBM X-Force ID: 272201.,IBM,"Qradar Suite Software,Cloud Pak For Security",6.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-08-16T19:12:56.386Z,0
CVE-2024-25024,https://securityvulnerability.io/vulnerability/CVE-2024-25024,IBM QRadar Suite Software Stores User Credentials in Plain Text,IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430.,IBM,"Qradar Suite Software,Cloud Pak For Security",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-08-15T02:42:06.312Z,0
CVE-2024-28799,https://securityvulnerability.io/vulnerability/CVE-2024-28799,IBM QRadar Suite Software information disclosure,"A vulnerability affects IBM QRadar Suite Software and IBM Cloud Pak for Security that can lead to the improper display of sensitive data to local privileged users during back-end commands. This issue primarily arises under non-default configurations, potentially resulting in unexpected data disclosure. Organizations utilizing the affected versions should review their configurations and implement appropriate security measures to mitigate the risks associated with this exposure.",IBM,"Qradar Suite Software,Cloud Pak For Security",7.5,HIGH,0.0008699999889358878,false,false,false,false,,false,false,2024-08-14T16:15:00.000Z,0
CVE-2022-38382,https://securityvulnerability.io/vulnerability/CVE-2022-38382,Unauthorized Access to Sensitive Information Possible After Logout,"A session management issue exists in IBM Cloud Pak for Security (CP4S) and IBM QRadar Suite. This vulnerability allows a user to bypass session invalidation upon logout, potentially enabling unauthorized access to user sessions. As a result, another authenticated user may be able to retrieve sensitive information that should have been secured post-logout. Users of the affected versions should consider applying available patches and enhancing session management practices to safeguard sensitive data.",IBM,"Qradar Suite Software,Cloud Pak For Security",4.1,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-08-13T01:01:33.992Z,0
CVE-2024-25023,https://securityvulnerability.io/vulnerability/CVE-2024-25023,Log File Vulnerability Could Allow Local User Access,IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429.,IBM,"Qradar Suite Software,Cloud Pak For Security",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-10T01:15:00.000Z,0
CVE-2022-38383,https://securityvulnerability.io/vulnerability/CVE-2022-38383,IBM Cloud Pak for Security Vulnerability Allows Local File Access,"A vulnerability has been identified in IBM Cloud Pak for Security and IBM QRadar Software Suite that allows local web pages to be stored and subsequently read by unauthorized users on the same system. This issue affects specific versions of these products, potentially leading to exposure of sensitive information. Organizations utilizing these platforms are encouraged to review the affected versions and implement recommended mitigations to safeguard against possible unauthorized access.",IBM,"Cloud Pak For Security,Qradar Suite Software",3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-06-28T19:03:43.269Z,0
CVE-2023-47726,https://securityvulnerability.io/vulnerability/CVE-2023-47726,IBM QRadar Suite Software Vulnerability Could Allow Arbitrary Commands Execution,"The IBM QRadar Suite Software and IBM Cloud Pak for Security are susceptible to a vulnerability that allows authenticated users to execute arbitrary commands. This issue stems from an improper input validation mechanism within the software. When exploited, it can lead to unauthorized command execution, potentially compromising system integrity. Organizations using affected versions of these IBM products should review the advisory and implement necessary updates to mitigate this vulnerability.",IBM,"Qradar Suite Software,Cloud Pak For Security",7.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-06-18T13:40:39.683Z,0
CVE-2023-47727,https://securityvulnerability.io/vulnerability/CVE-2023-47727,Security Dashboard Parameters Vulnerability,IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.,IBM,"Cloud Pak For Security,Qradar Suite Software",4.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-02T14:43:57.748Z,0
CVE-2022-38386,https://securityvulnerability.io/vulnerability/CVE-2022-38386,IBM Cloud Pak for Security information disclosure,"A vulnerability exists in IBM Cloud Pak for Security and QRadar Suite where the SameSite attribute is not set for sensitive cookies. This oversight can allow attackers to exploit man-in-the-middle techniques, potentially resulting in unauthorized access to sensitive information. The affected versions include IBM Cloud Pak for Security from 1.10.0.0 to 1.10.11.0 and IBM QRadar Suite for Software from 1.10.12.0 to 1.10.19.0. It is advised to implement protective measures to mitigate risks associated with this vulnerability.",IBM,"Cloud Pak For Security,Qradar Suite For Software",5.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T12:48:12.167Z,0
CVE-2023-47731,https://securityvulnerability.io/vulnerability/CVE-2023-47731,IBM QRadar Suite Software Vulnerable to Stored Cross-Site Scripting,IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 272203.,IBM,"Qradar Suite Software,Cloud Pak For Security",5.4,MEDIUM,0.0004299999854993075,false,true,false,false,,false,false,2024-04-23T12:16:11.361Z,0
CVE-2023-50951,https://securityvulnerability.io/vulnerability/CVE-2023-50951,IBM QRadar Suite Logs Sensitive Information in Some Circumstances,IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747.,IBM,"Qradar Suite Software,Cloud Pak For Security",4.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-02-17T16:00:51.779Z,0
CVE-2024-22337,https://securityvulnerability.io/vulnerability/CVE-2024-22337,IBM QRadar Suite Stores Sensitive Information in Log Files,IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977.,IBM,"QRadar Suite Software,Cloud Pak for Security",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-17T15:46:54.741Z,0
CVE-2024-22336,https://securityvulnerability.io/vulnerability/CVE-2024-22336,IBM QRadar Suite Stores Sensitive Information in Log Files,IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279976.,IBM,"QRadar Suite Software,Cloud Pak for Security",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-17T15:45:35.951Z,0
CVE-2024-22335,https://securityvulnerability.io/vulnerability/CVE-2024-22335,IBM QRadar Suite Stores Sensitive Information in Log Files,IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975.,IBM,"QRadar Suite Software,Cloud Pak for Security",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-17T15:32:52.147Z,0
CVE-2022-36777,https://securityvulnerability.io/vulnerability/CVE-2022-36777,IBM Cloud Pak for Security information disclosure,IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.16.0 could allow an authenticated user to obtain sensitive version information that could aid in further attacks against the system. IBM X-Force ID: 233665.,IBM,"Cloud Pak For Security,Qradar Suite Software",4.3,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2023-11-22T18:28:11.058Z,0