IBM Cloud Pak for Security Vulnerability Allows Local File Access
CVE-2022-38383
4MEDIUM
Key Information
- Vendor
- IBM
- Status
- Cloud Pak For Security
- Qradar Suite Software
- Vendor
- Published:
- 28 June 2024
Summary
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.
Affected Version(s)
Cloud Pak for Security <= 1.10.11.0
QRadar Suite Software <= 1.10.21.0
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
LOW
Integrity:
NONE
Availability:
NONE
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database