5.9
CVE-2024-22355
- EPSS 0.06%
- Veröffentlicht 03.03.2024 13:15:07
- Zuletzt bearbeitet 23.12.2024 18:01:08
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Cloud Pak For Security Version >= 1.10.0.0 <= 1.10.11.0
Ibm ≫ Qradar Suite Version >= 1.10.12.0 <= 1.10.18.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.192 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.