IBM QRadar Suite Products Vulnerable to Weak Password Attacks
CVE-2024-22355

5.9MEDIUM

Key Information:

Vendor

IBM
Status
Qradar Suite Products
Cloud Pak For Security
Vendor
CVE Published:
3 March 2024

What is CVE-2024-22355?

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cloud Pak for Security 1.10.0.0 <= 1.10.11.0

QRadar Suite Products 1.10.12.0 <= 1.10.18.0

References

https://www.ibm.com/support/pages/node/7129328
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/280781
vdb-entry

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.