CVE-2023-47727

CWE-12873 documents3 sources
Severity
4.3MEDIUM
EPSS
0.0%
top 86.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Cloud PAK FOR SecurityIBM Qradar Suite SoftwareIBM Qradar Suite
Timeline
PublishedMay 2

Description

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages4 packages

CVEListV5ibm/qradar_suite_software1.10.12.01.10.20.0
NVDibm/qradar_suite1.10.12.01.10.20.0
CVEListV5ibm/cloud_pak_for_security1.10.0.01.10.11.0
NVDibm/cloud_pak1.10.0.01.10.11.0

🔴Vulnerability Details

2
GHSA
GHSA-9fx4-733j-xgmg: IBM Cloud Pak for Security 12024-05-02
CVEList
IBM QRadar Suite Software file manipulation2024-05-02
CVE-2023-47727 (MEDIUM CVSS 4.3) | IBM Cloud Pak for Security 1.10.0.0 | cvebase.io