IBM Cloud Pak for Security Vulnerability Allows Local File Access

CVE-2022-38383
3.3LOW

Key Information

Vendor
IBM
Status
Cloud Pak For Security
Qradar Suite Software
Vendor
CVE Published:
28 June 2024

Summary

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.

Affected Version(s)

Cloud Pak for Security <= 1.10.11.0

QRadar Suite Software <= 1.10.21.0

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Risk change from: 3.3 to: 4 - (MEDIUM)

  • Risk change from: 3.3 to: 4 - (MEDIUM)

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.