4

CVE-2018-1568

IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmQradar Incident Forensics Version >= 7.2.0 < 7.2.8
IbmQradar Incident Forensics Version >= 7.3.0 < 7.3.1
IbmQradar Incident Forensics Version7.2.8 Update-
IbmQradar Incident Forensics Version7.2.8 Updatep1
IbmQradar Incident Forensics Version7.2.8 Updatep10
IbmQradar Incident Forensics Version7.2.8 Updatep11
IbmQradar Incident Forensics Version7.2.8 Updatep12
IbmQradar Incident Forensics Version7.2.8 Updatep13
IbmQradar Incident Forensics Version7.2.8 Updatep3
IbmQradar Incident Forensics Version7.2.8 Updatep4
IbmQradar Incident Forensics Version7.2.8 Updatep5
IbmQradar Incident Forensics Version7.2.8 Updatep6
IbmQradar Incident Forensics Version7.2.8 Updatep7
IbmQradar Incident Forensics Version7.2.8 Updatep8
IbmQradar Incident Forensics Version7.2.8 Updatep9
IbmQradar Incident Forensics Version7.3.1 Update-
IbmQradar Incident Forensics Version7.3.1 Updatep1
IbmQradar Incident Forensics Version7.3.1 Updatep2
IbmQradar Incident Forensics Version7.3.1 Updatep3
IbmQradar Incident Forensics Version7.3.1 Updatep4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.095
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 1.8 1.4
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
psirt@us.ibm.com 4 2.5 1.4
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.