CVE-2024-22355

MEDIUM

IBM QRadar Suite Products <1.10.18.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781.

References (2)

Scores

CVSS v3 5.9
EPSS 0.0006
EPSS Percentile 19.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-521
Status published
Products (2)
ibm/cloud_pak_for_security 1.10.0.0 - 1.10.11.0
ibm/qradar_suite 1.10.12.0 - 1.10.18.0
Published Mar 03, 2024
Tracked Since Feb 18, 2026