CVE-2022-34351
Gravedad CVSS v3.1:
ALTA
Tipo:
CWE-312
Almacenamiento de información sensible en texto claro
Fecha de publicación:
17/02/2023
Última modificación:
07/11/2023
Descripción
*** Pendiente de traducción *** IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.
Impacto
Puntuación base 3.x
7.50
Gravedad 3.x
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:* | 7.4.0 (incluyendo) | 7.4.3 (excluyendo) |
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_5:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_6:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_7:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página