IBM QRadar EDR 3.12 Vulnerability Could Leak Sensitive Data
CVE-2023-33859

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Security Qradar Edr
Vendor: CVE Published:; 10 July 2024

Summary

IBM Security QRadar EDR 3.12 is susceptible to a vulnerability that may result in the disclosure of sensitive information. This issue arises due to discrepancies in the observable login response, which could potentially be leveraged by an attacker to gain unauthorized access to sensitive data. Proper mitigation steps and monitoring are recommended to safeguard against this information leakage.

Affected Version(s)

Security QRadar EDR 3.12

References

https://www.ibm.com/support/pages/node/7159770

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/257697

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2024
Vulnerability Reserved
May 23, 2023

Collectors

NVD DatabaseMitre Database