CVE-2023-50950

IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/275709	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7108657	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/275709	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7108657	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7::::::

History

21 Nov 2024, 08:37

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~5.3~~	v2 : unknown v3 : 3.7
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/275709 - VDB Entry, Vendor Advisory~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/275709 - VDB Entry, Vendor Advisory
References	~~() https://www.ibm.com/support/pages/node/7108657 - Patch, Vendor Advisory~~	() https://www.ibm.com/support/pages/node/7108657 - Patch, Vendor Advisory

24 Jan 2024, 19:42

Type	Values Removed	Values Added
CWE	~~CWE-200~~	NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/275709 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/275709 - VDB Entry, Vendor Advisory
References	~~() https://www.ibm.com/support/pages/node/7108657 -~~	() https://www.ibm.com/support/pages/node/7108657 - Patch, Vendor Advisory
CPE		cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1::::::

17 Jan 2024, 17:35

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-17 17:15

Updated : 2024-11-21 08:37

NVD link : CVE-2023-50950

Mitre link : CVE-2023-50950

CVE.ORG link : CVE-2023-50950

JSON object : View

Products Affected

ibm

qradar_security_information_and_event_manager

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

3.7 /10