IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7178104 |
History
Mon, 09 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 07 Dec 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |
Title | IBM QRadar SIEM cross-site scripting | |
First Time appeared |
Ibm
Ibm qradar Security Information And Event Manager |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* | |
Vendors & Products |
Ibm
Ibm qradar Security Information And Event Manager |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2024-12-07T14:49:45.624Z
Updated: 2024-12-09T15:59:55.524Z
Reserved: 2024-09-18T19:26:44.572Z
Link: CVE-2024-47107
Vulnrichment
Updated: 2024-12-09T15:59:51.612Z
NVD
Status : Received
Published: 2024-12-07T15:15:04.123
Modified: 2024-12-07T15:15:04.123
Link: CVE-2024-47107
Redhat
No data.