CVE-2022-30613 - Vulnerability Details

Vendors	Products
Ibm	Qradar Security Information And Event Manager
Linux	Linux Kernel

Link	Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/227366
https://www.ibm.com/support/pages/node/6826693

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-30613", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "datePublished": "2022-10-07T17:00:28.052336Z", "dateUpdated": "2024-09-17T03:37:59.917Z", "dateReserved": "2022-05-12T00:00:00"}, "containers": {"cna": {"datePublic": "2022-10-04T00:00:00", "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366."}], "affected": [{"vendor": "IBM", "product": "QRadar SIEM", "versions": [{"version": "7.4.0", "status": "affected"}, {"version": "7.5.0", "status": "affected"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/6826693"}, {"name": "ibm-qradar-cve202230613-info-disc (227366)", "tags": ["vdb-entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/I:N/AC:L/S:U/PR:H/A:N/UI:N/AV:L/C:H/RL:O/E:U/RC:C", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "baseScore": 4.4, "temporalScore": 3.9, "baseSeverity": "MEDIUM", "temporalSeverity": "LOW"}}], "problemTypes": [{"descriptions": [{"type": "text", "description": "Obtain Information", "lang": "en"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:56:12.988Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.ibm.com/support/pages/node/6826693", "tags": ["x_transferred"]}, {"name": "ibm-qradar-cve202230613-info-disc (227366)", "tags": ["vdb-entry", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366"}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2022-30613 (string)

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

datePublished : 2022-10-07T17:00:28.052336Z (string)

dateUpdated : 2024-09-17T03:37:59.917Z (string)

dateReserved : 2022-05-12T00:00:00 (string)

}

containers : { »

cna : { »

datePublic : 2022-10-04T00:00:00 (string)

providerMetadata : { »

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

dateUpdated : 2022-10-07T00:00:00 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. (string)

}

]

affected : [ »

0 : { »

vendor : IBM (string)

product : QRadar SIEM (string)

versions : [ »

0 : { »

version : 7.4.0 (string)

status : affected (string)

}

1 : { »

version : 7.5.0 (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

url : https://www.ibm.com/support/pages/node/6826693 (string)

}

1 : { »

name : ibm-qradar-cve202230613-info-disc (227366) (string)

tags : [ »

0 : vdb-entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/227366 (string)

}

]

metrics : [ »

0 : { »

cvssV3_0 : { »

version : 3.0 (string)

vectorString : CVSS:3.0/I:N/AC:L/S:U/PR:H/A:N/UI:N/AV:L/C:H/RL:O/E:U/RC:C (string)

attackVector : LOCAL (string)

attackComplexity : LOW (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

availabilityImpact : NONE (string)

exploitCodeMaturity : UNPROVEN (string)

remediationLevel : OFFICIAL_FIX (string)

reportConfidence : CONFIRMED (string)

baseScore : 4.4 (number)

temporalScore : 3.9 (number)

baseSeverity : MEDIUM (string)

temporalSeverity : LOW (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

description : Obtain Information (string)

lang : en (string)

}

]

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T06:56:12.988Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://www.ibm.com/support/pages/node/6826693 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

name : ibm-qradar-cve202230613-info-disc (227366) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/227366 (string)

}

]

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A90B7A9-24AC-4890-87AE-BFC2FB674E5A", "versionEndExcluding": "7.4.3", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*", "matchCriteriaId": "55A7F7A4-2736-4CD0-AA68-8837FF8EF5FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:*", "matchCriteriaId": "0EE2F947-9BEB-4036-B0C9-8EB5C70D8168", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:*", "matchCriteriaId": "4E8EDDEC-B529-4647-B8BA-8F76757AEBD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:*", "matchCriteriaId": "8168C98E-B2D6-4525-BBCD-CADAFCDEB9BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:*", "matchCriteriaId": "CC0A36C1-D4C1-4EAE-91B2-72E0C5509ADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_5:*:*:*:*:*:*", "matchCriteriaId": "B556B3D3-8C21-43FA-9EAB-78C8312D2B46", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_6:*:*:*:*:*:*", "matchCriteriaId": "A19CDD7C-A683-442A-9C7D-F0949733766E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*", "matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*", "matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*", "matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366."}, {"lang": "es", "value": "IBM QRadar SIEM versiones 7.4 y 7.5, podr\u00eda divulgar informaci\u00f3n confidencial por medio de un servicio local a un usuario privilegiado. IBM X-Force ID: 227366"}], "id": "CVE-2022-30613", "lastModified": "2024-11-21T07:03:01.603", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-07T17:15:10.483", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6826693"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6826693"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7A90B7A9-24AC-4890-87AE-BFC2FB674E5A (string)

versionEndExcluding : 7.4.3 (string)

versionStartIncluding : 7.4.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:* (string)

matchCriteriaId : 55A7F7A4-2736-4CD0-AA68-8837FF8EF5FF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:* (string)

matchCriteriaId : 0EE2F947-9BEB-4036-B0C9-8EB5C70D8168 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:* (string)

matchCriteriaId : 4E8EDDEC-B529-4647-B8BA-8F76757AEBD8 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:* (string)

matchCriteriaId : 8168C98E-B2D6-4525-BBCD-CADAFCDEB9BF (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:* (string)

matchCriteriaId : CC0A36C1-D4C1-4EAE-91B2-72E0C5509ADD (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_5:*:*:*:*:*:* (string)

matchCriteriaId : B556B3D3-8C21-43FA-9EAB-78C8312D2B46 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_6:*:*:*:*:*:* (string)

matchCriteriaId : A19CDD7C-A683-442A-9C7D-F0949733766E (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* (string)

matchCriteriaId : DACA17CC-8B71-4E71-B075-BFFB65AD989C (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:* (string)

matchCriteriaId : BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:* (string)

matchCriteriaId : AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 703AF700-7A70-47E2-BC3A-7FD03B3CA9C1 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. (string)

}

1 : { »

lang : es (string)

value : IBM QRadar SIEM versiones 7.4 y 7.5, podría divulgar información confidencial por medio de un servicio local a un usuario privilegiado. IBM X-Force ID: 227366 (string)

}

]

id : CVE-2022-30613 (string)

lastModified : 2024-11-21T07:03:01.603 (string)

metrics : { »

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.4 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 0.8 (number)

impactScore : 3.6 (number)

source : psirt@us.ibm.com (string)

type : Secondary (string)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-10-07T17:15:10.483 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/227366 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/6826693 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/227366 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/6826693 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object