Ron Craig

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue concerns the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. **Recommendations** For IBM QRadar SIEM versions 7.2 through 7.3, consider updating the cryptographic algorithms to stronger ones to prevent potential decryption of sensitive information by an attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium versions 10.0 through 10.1.4, 10.5 Description: The issue allows an attacker to potentially spoof a trusted entity by using man-in-the-middle (MITM) techniques due to incorrect certificate validation. Recommendations: For IBM Security Guardium versions 10.0 through 10.1.4, 10.5, update to a version that correctly validates certificates to prevent MITM attacks.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue allows web pages to be stored locally, which can then be read by another user on the system. **Recommendations** For versions 7.2 and 7.3, consider restricting access to sensitive web pages to minimize the risk of unauthorized access until a fix is available.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue concerns the use of hard-coded credentials, which could allow an attacker to bypass the authentication configured by the administrator. **Recommendations** For IBM QRadar SIEM versions 7.2 through 7.3, consider changing the hard-coded credentials to unique, secure credentials to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. **Recommendations** For IBM QRadar SIEM versions 7.2 through 7.3, consider updating the cryptographic algorithms to stronger ones to prevent potential decryption of sensitive information by an attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Advisor with Watson version 1.14.0 **Description** The issue is related to insufficient data protection, which can lead to the disclosure of sensitive information to unauthorized users. This information can potentially be used to mount further attacks on the system. The vulnerability can be exploited by a remote attacker to reveal protected information. **Recommendations** For IBM QRadar Advisor with Watson version 1.14.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Incident Forensics versions 7.2 through 7.3 **Description** The issue allows a remote attacker to traverse directories on the system by sending a specially-crafted URL request containing `dot dot` sequences (`../`) to view arbitrary files on the system. **Recommendations** For IBM QRadar Incident Forensics versions 7.2 through 7.3, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available. Avoid using URL requests that contain `dot dot` sequences (`../`) in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Incident Forensics versions 7.2 through 7.3 **Description** The issue is related to improper restriction of the size or amount of resources requested, which could allow an unauthenticated user to cause a denial of service. **Recommendations** For versions 7.2 and 7.3, consider restricting access to limit the potential for denial of service attacks until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.2 through 7.3 **Description** The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially-crafted request. This enables the attacker to exploit the system and execute commands. **Recommendations** For IBM QRadar versions 7.2 through 7.3, update to a version that includes the fix for this issue to prevent arbitrary command execution.

Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Appliance versions 7.0.0 IBM Security Access Manager Appliance versions 8.0.0 through 8.0.1.6 IBM Security Access Manager Appliance versions 9.0.0 through 9.0.3.1 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information. An attacker could exploit this to obtain sensitive information using man-in-the-middle techniques. Recommendations: For version 7.0.0, enable HTTP Strict Transport Security to prevent man-in-the-middle attacks. For versions 8.0.0 through 8.0.1.6, enable HTTP Strict Transport Security to prevent man-in-the-middle attacks. For versions 9.0.0 through 9.0.3.1, enable HTTP Strict Transport Security to prevent man-in-the-middle attacks.

Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Appliance versions 7.0.0 IBM Security Access Manager Appliance versions 8.0.0 through 8.0.1.6 IBM Security Access Manager Appliance versions 9.0.0 through 9.0.3.1 Description: The issue discloses sensitive information to unauthorized users, which can be used to mount further attacks on the system. Recommendations: For version 7.0.0, update to a version that contains a fix for this issue. For versions 8.0.0 through 8.0.1.6, update to a version that contains a fix for this issue. For versions 9.0.0 through 9.0.3.1, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 **Description** The issue concerns the specification of permissions for a security-critical resource, allowing it to be read or modified by unintended actors. **Recommendations** For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, consider reconfiguring the permissions for the security-critical resource to ensure it can only be accessed by intended actors. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 **Description** The issue arises because the session variable is not renewed after a successful authentication, potentially leading to session fixation or hijacking. This could force a user to utilize a cookie that may be known to an attacker. **Recommendations** For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, consider implementing a session renewal mechanism after successful authentication to prevent session fixation or hijacking. As a temporary workaround, restrict access to sensitive areas of the application that rely on session variables until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 Description: The software generates an error message that includes sensitive information about its environment, users, or associated data. Recommendations: For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 **Description** The issue concerns the storage of sensitive information in URL parameters, which could lead to information disclosure if unauthorized parties gain access to the URLs through server logs, referrer headers, or browser history. **Recommendations** For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, consider modifying the application to avoid storing sensitive information in URL parameters as a temporary workaround. Restrict access to server logs and ensure proper handling of referrer headers and browser history to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium versions 10.0 through 10.1.4 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For IBM Security Guardium versions 10.0 through 10.1.4, update to a version that uses stronger cryptographic algorithms to prevent potential decryption of sensitive information by an attacker.

Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Appliance versions 8.0.0 through 8.0.1.6 IBM Security Access Manager Appliance versions 9.0.0 through 9.0.3.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For versions 8.0.0 through 8.0.1.6, update to a version that uses stronger cryptographic algorithms. For versions 9.0.0 through 9.0.3.1, update to a version that uses stronger cryptographic algorithms.

Name of the Vulnerable Software and Affected Versions: IBM QRadar versions 7.3 through 7.3.1 Description: The issue allows a security-critical resource to be read or modified by unintended actors due to improper permission specifications. Recommendations: For IBM QRadar versions 7.3 through 7.3.1, update the permission settings to restrict access to the security-critical resource, ensuring it can only be read or modified by intended actors.

Name of the Vulnerable Software and Affected Versions: IBM QRadar version 7.3 Description: The issue allows potentially sensitive information to be stored in log files, which could be accessed by a local user. Recommendations: For IBM QRadar version 7.3, consider restricting access to log files to minimize the risk of sensitive information disclosure until a fix is available.