CVE-2018-1728

Published: Dec 5, 2018Modified: Nov 21, 2024

5.4

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147707.

Affected (22)

Products: Ibm: Qradar Incident Forensics

Ibm

1 product

Qradar Incident Forensics

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Ibm Qradar Incident Forensics	From 7.2.0 to 7.2.8
Ibm Qradar Incident Forensics	From 7.3.0 to 7.3.1
Ibm Qradar Incident Forensics	Version 7.2.8
Ibm Qradar Incident Forensics	Version 7.2.8 p10
Ibm Qradar Incident Forensics	Version 7.2.8 p11
Ibm Qradar Incident Forensics	Version 7.2.8 p12
Ibm Qradar Incident Forensics	Version 7.2.8 p13
Ibm Qradar Incident Forensics	Version 7.2.8 p1
Ibm Qradar Incident Forensics	Version 7.2.8 p3
Ibm Qradar Incident Forensics	Version 7.2.8 p4
Ibm Qradar Incident Forensics	Version 7.2.8 p5
Ibm Qradar Incident Forensics	Version 7.2.8 p6
Ibm Qradar Incident Forensics	Version 7.2.8 p7
Ibm Qradar Incident Forensics	Version 7.2.8 p8
Ibm Qradar Incident Forensics	Version 7.2.8 p9
Ibm Qradar Incident Forensics	Version 7.3.1
Ibm Qradar Incident Forensics	Version 7.3.1 p1
Ibm Qradar Incident Forensics	Version 7.3.1 p2
Ibm Qradar Incident Forensics	Version 7.3.1 p3
Ibm Qradar Incident Forensics	Version 7.3.1 p4
Ibm Qradar Incident Forensics	Version 7.3.1 p5
Ibm Qradar Incident Forensics	Version 7.3.1 p6