CVE-2022-38383

{"id": "CVE-2022-38383", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-06-28T19:15:03.670", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233673", "tags": ["VDB Entry"], "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/7158986", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233673", "tags": ["VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.ibm.com/support/pages/node/7158986", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-525"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673."}, {"lang": "es", "value": "IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente p\u00e1ginas web que pueden ser le\u00eddas por otro usuario en el sistema. ID de IBM X-Force: 233673."}], "lastModified": "2024-11-21T07:16:22.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FA89838-3E05-4778-9323-DE51CC10FD18", "versionEndIncluding": "1.10.11.0", "versionStartIncluding": "1.10.0.0"}, {"criteria": "cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42C9A369-ABBD-47AB-99F6-039A4B7FA4EE", "versionEndIncluding": "1.10.21.0", "versionStartIncluding": "1.10.12.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}