CVE-2023-47727

Published: May 2, 2024Modified: Aug 13, 2025

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: psirt@us.ibm.com (Secondary)

Description

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.

Affected (2)

Products: Ibm: Cloud Pak For Security, Qradar Suite

Ibm

2 products

Cloud Pak For Security

Qradar Suite

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Cloud Pak For Security	From 1.10.0.0 to 1.10.11.0
Ibm Qradar Suite	From 1.10.12.0 to 1.10.20.0

Related CWEs

CWE-1287

Improper Validation of Specified Type of Input

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/272089

Source: psirt@us.ibm.com

Vendor Advisory

https://www.ibm.com/support/pages/node/7149968

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/272089

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.ibm.com/support/pages/node/7149968

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.