Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-28799

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173.

Published

2024-08-14T16:15:11.220

Last Modified

2024-09-21T10:15:05.253

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-214
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	cloud_pak_for_security	≤ 1.10.11.0	Yes
Application	ibm	qradar_suite	≤ 1.10.23.0	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7165488 Vendor Advisory ([email protected])