Elaheh Samani

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Network Security versions 5.4.0 through 5.5.0 **Description** The issue is related to insufficient protection of service data, which could allow a remote attacker to gain unauthorized access to protected information. This could potentially be used to mount further attacks against the system. **Recommendations** For versions 5.4.0 and 5.5.0, consider restricting access to sensitive information to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM SiteProtector Appliance version 3.1.1 **Description** The issue allows web pages to be stored locally, which can then be read by another user on the system. **Recommendations** For IBM SiteProtector Appliance version 3.1.1, consider restricting access to locally stored web pages to minimize the risk of unauthorized access until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM SiteProtector Appliance version 3.1.1 **Description** The issue concerns hard-coded credentials, such as a password or cryptographic key, used by the appliance for inbound authentication, outbound communication to external components, or encryption of internal data. **Recommendations** For IBM SiteProtector Appliance version 3.1.1, consider changing the hard-coded credentials to unique, secure credentials to mitigate the risk of exploitation. As a temporary workaround, restrict access to the appliance until secure credentials can be implemented.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Governance and Intelligence versions 5.2.4 through 5.2.6 **Description** The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information. An attacker could exploit this to obtain sensitive information using man-in-the-middle techniques. **Recommendations** For versions 5.2.4 through 5.2.6, enable HTTP Strict Transport Security to prevent man-in-the-middle attacks and protect sensitive information.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Governance and Intelligence version 5.2.6 **Description** The issue could disclose sensitive information in URL parameters, potentially aiding in future attacks against the system. **Recommendations** For IBM Security Identity Governance and Intelligence version 5.2.6, consider restricting access to sensitive URL parameters to minimize the risk of exploitation. As a temporary workaround, avoid using sensitive parameters in URLs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security SOAR versions V42 through V43 **Description** The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using man-in-the-middle techniques. **Recommendations** For versions V42 and V43, enable HTTP Strict Transport Security to prevent exploitation. As a temporary workaround, consider restricting access to sensitive information until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.3 through 7.4 **Description** The issue is related to insufficiently robust data encryption in the system. This could allow a remote attacker to gain unauthorized access to protected information. The problem stems from the use of weaker than expected cryptographic algorithms, which could enable an attacker to decrypt highly sensitive information. **Recommendations** For versions 7.3 and 7.4, update to a version that uses stronger cryptographic algorithms to mitigate the risk of data decryption by attackers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security SiteProtector System version 3.1.1 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: For IBM Security SiteProtector System version 3.1.1, consider disabling the Web UI functionality until a patch is available to prevent the embedding of arbitrary JavaScript code. Restrict access to the Web UI to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using man-in-the-middle techniques. Recommendations: For versions 5.4.0 and 5.5.0, enable HTTP Strict Transport Security to prevent exploitation. As a temporary workaround, consider restricting access to sensitive information until a proper fix is applied.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: For IBM QRadar Network Security versions 5.4.0 through 5.5.0, consider restricting access to the Web UI until a fix is available. As a temporary workaround, avoid using the Web UI for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue allows sensitive or security-critical data to be transmitted in cleartext in a communication channel, making it accessible through man-in-the-middle techniques. Recommendations: For versions 5.4.0 through 5.5.0, consider implementing encryption for sensitive data transmission to prevent interception. As a temporary workaround, restrict access to the communication channel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium versions 10.5 through 11.3 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. This is due to a cross-site scripting vulnerability. **Recommendations** For versions 10.5 through 11.3, update to a version that includes a fix for this issue to prevent cross-site scripting attacks. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM i2 iBase versions 8.9.13 through 9.0.0 **Description** The issue allows a local attacker to obtain sensitive information due to insufficient session expiration. **Recommendations** For versions 8.9.13 and 9.0.0, consider implementing additional session management controls to mitigate the risk of sensitive information disclosure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium version 11.3 **Description** The issue concerns hard-coded credentials, such as a password or cryptographic key, used by IBM Security Guardium for inbound authentication, outbound communication to external components, or encryption of internal data. **Recommendations** For IBM Security Guardium version 11.3, consider changing the hard-coded credentials to unique, secure values to prevent unauthorized access. As a temporary workaround, restrict access to the affected system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.3 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. Recommendations: For IBM Security Guardium version 11.3, consider restricting access to detailed technical error messages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.2 Description: The issue is related to an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials. Recommendations: For IBM Security Guardium version 11.2, consider implementing a more robust account lockout policy to prevent brute force attacks. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Qradar SIEM versions 7.3.0 through 7.3.3 Patch 8 IBM Qradar SIEM versions 7.4.0 through 7.4.3 GA Description: The issue is related to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this to expose sensitive information or consume memory resources. Recommendations: For IBM Qradar SIEM versions 7.3.0 through 7.3.3 Patch 8, update to a version that includes the fix for the XML External Entity Injection vulnerability. For IBM Qradar SIEM versions 7.4.0 through 7.4.3 GA, update to a version that includes the fix for the XML External Entity Injection vulnerability. As a temporary workaround, consider restricting the processing of XML data to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM i2 Analyze versions 4.3.0 through 4.3.2 **Description** A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. **Recommendations** For versions 4.3.0 through 4.3.2, consider restricting access to detailed technical error messages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM i2 iBase version 8.9.13 **Description** The issue allows a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this flaw to execute arbitrary code on the system. **Recommendations** For IBM i2 iBase version 8.9.13, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: IBM i2 Analyst's Notebook Premium versions 4.3.0 through 4.3.2 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. Recommendations: For versions 4.3.0 through 4.3.2, consider restricting access to detailed technical error messages to minimize the risk of exploitation. As a temporary workaround, consider disabling the feature that returns detailed technical error messages in the browser until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.