Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-38382

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. IBM X-Force ID: 233672.

Published

2024-08-13T02:15:04.730

Last Modified

2024-09-21T10:15:02.680

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.7 (MEDIUM)

Weaknesses

Type: Secondary
CWE-613

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	cloud_pak_for_security	≤ 1.10.11.0	Yes
Application	ibm	qradar_suite	≤ 1.10.23.0	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/233672 VDB Entry ([email protected])
https://www.ibm.com/support/pages/node/7165286 Vendor Advisory ([email protected])