← Back

CVE-2023-47742

nvd nist
Published: Mar 3, 2024Modified: Dec 23, 2024

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 / Impact: 3.6
Source: psirt@us.ibm.com (Secondary)

Description

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: 272533.

Affected (2)

Ibm
2 products
Cloud Pak For Security
Qradar Suite
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Cloud Pak For Security
From 1.10.0.0 to 1.10.11.0
Qradar Suite
From 1.10.12.0 to 1.10.18.0

Related CWEs

CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References (4)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.