CVE-2023-47726

HIGH

IBM QRadar Suite Software <1.10.21.0 - Command Injection

Title source: llm

Description

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.

References (2)

[Vendor Advisory] https://https://www.ibm.com/support/pages/node/7157750

[Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/272087

Scores

CVSS v3 7.1

EPSS 0.0010

EPSS Percentile 27.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1287

Status published

Products (2)

ibm/cloud_pak_for_security 1.10.12.0 - 1.10.21.0

ibm/qradar_suite 1.10.12.0 - 1.10.21.0

Published Jun 18, 2024

Tracked Since Feb 18, 2026