CVE-2024-27269

CWE-2863 documents3 sources

Severity

6.8MEDIUM

EPSS

0.1%

top 78.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Qradar Siem IBM Qradar Security Information AND Event Manager

Timeline

PublishedMay 14

Description

IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:NExploitability: 2.3 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5ibm/qradar_siem7.5

▶NVDibm/qradar_security_information_and_event_manager7.5.0

🔴Vulnerability Details

GHSA

GHSA-jjrv-72p3-frpm: IBM QRadar SIEM 7↗2024-05-14

▶

CVEList

IBM QRadar SIEM information disclosure↗2024-05-10

▶