5.9
CVE-2023-47742
- EPSS 0.05%
- Veröffentlicht 03.03.2024 13:15:07
- Zuletzt bearbeitet 23.12.2024 18:01:38
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: 272533.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Cloud Pak For Security Version >= 1.10.0.0 <= 1.10.11.0
Ibm ≫ Qradar Suite Version >= 1.10.12.0 <= 1.10.18.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.137 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.