CVE-2023-47728

IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. This information could be used in further attacks against the system. IBM X-Force ID: 272201.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*

History

21 Sep 2024, 10:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 6.5

28 Aug 2024, 21:40

Type Values Removed Values Added
First Time Ibm qradar Suite
Ibm cloud Pak For Security
Ibm
CPE cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 4.9
v2 : unknown
v3 : 7.5
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/272201 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/272201 - Broken Link
References () https://www.ibm.com/support/pages/node/7161427 - () https://www.ibm.com/support/pages/node/7161427 - Vendor Advisory

19 Aug 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) IBM QRadar Suite Software 1.10.12.0 a 1.10.22.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 podrían permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en la solicitud. Esta información podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 272201.

16 Aug 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-16 20:15

Updated : 2024-09-21 10:15


NVD link : CVE-2023-47728

Mitre link : CVE-2023-47728

CVE.ORG link : CVE-2023-47728


JSON object : View

Products Affected

ibm

  • qradar_suite
  • cloud_pak_for_security
CWE
CWE-209

Generation of Error Message Containing Sensitive Information