CVE-2022-38383

Description

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

ibm / cloud_pak_for_security1.10.0.0 – 1.10.0.0
ibm / cloud_pak_for_security1.10.11.0 – 1.10.11.0
ibm / qradar_suite1.10.12.0 – 1.10.12.0
ibm / qradar_suite1.10.21.0 – 1.10.21.0
ibm / QRadar Suite Software1.10.12.0 – 1.10.21.0

References

MISChttps://www.ibm.com/support/pages/node/7158986
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/233673