IBM Cloud Pak for Security Vulnerability Allows Local File Access
CVE-2022-38383
3.3LOW
Key Information
- Vendor
- IBM
- Status
- Cloud Pak For Security
- Qradar Suite Software
- Vendor
- CVE Published:
- 28 June 2024
Summary
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.
Affected Version(s)
Cloud Pak for Security <= 1.10.11.0
QRadar Suite Software <= 1.10.21.0
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: 3.3 to: 4 - (MEDIUM)
Risk change from: 3.3 to: 4 - (MEDIUM)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database