CVE-2022-43863 — Improper Input Validation in IBM Qradar Security Information AND Event Manager

CWE-20 — Improper Input Validation CWE-269 — Improper Privilege Management3 documents3 sources

Severity

7.2HIGHNVD

CNA6.7

EPSS

0.3%

top 42.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Qradar Security Information AND Event Manager IBM Qradar Siem

Timeline

PublishedMar 22

Latest updateMar 23

Description

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/qradar_siem7.4, 7.5

▶NVDibm/qradar_security_information_and_event_manager7.4.0 — 7.4.3+2

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-pf92-gg69-86qp: IBM QRadar SIEM 7↗2023-03-23

▶

CVEList

IBM QRadar SIEM privilege escalation↗2023-03-22

▶