CVE-2023-47726

Description

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Affected products

ibm / cloud_pak_for_security1.10.12.0 – 1.10.12.0
ibm / cloud_pak_for_security1.10.21.0 – 1.10.21.0
ibm / cloud_pak_for_security1.10.12.0 – 1.10.21.0
ibm / qradar_suite1.10.12.0 – 1.10.12.0
ibm / qradar_suite1.10.21.0 – 1.10.21.0

References

MISChttps://https://www.ibm.com/support/pages/node/7157750
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/272087