Unauthorized Actions Due to Certificate Validation Flaw
CVE-2023-50949

8.1HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
11 April 2024

Summary

IBM QRadar SIEM 7.5 is susceptible to vulnerabilities arising from improper certificate validation, which may permit unauthorized users to execute actions without proper authentication. This issue could significantly compromise system integrity and security, leading to unauthorized access and potential data breaches. Organizations using this version of QRadar SIEM should evaluate their security configurations and apply appropriate mitigations.

Affected Version(s)

QRadar SIEM 7.5

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.