CVE-2024-25023 | THREATINT

Description

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429.

PUBLISHED Reserved 2024-02-03 | Published 2024-07-09 | Updated 2024-09-21 | Assigner ibm

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-312 Cleartext Storage of Sensitive Information

Product status

Default status

unaffected

1.10.12.0 (semver)

affected

Default status

unaffected

1.10.0.0 (semver)

affected

References

www.ibm.com/support/pages/node/7159768 vendor-advisory

exchange.xforce.ibmcloud.com/vulnerabilities/281429 vdb-entry

www.ibm.com/support/pages/node/7159768 vendor-advisory

exchange.xforce.ibmcloud.com/vulnerabilities/281429 vdb-entry

cve.org (CVE-2024-25023)

nvd.nist.gov (CVE-2024-25023)

Download JSON