Geoffrey Owden

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue allows a local privileged user to perform unauthorized actions due to incorrect permissions assignment. Recommendations: For versions 10.0.0 through 10.0.8, update to a version that includes the correct permissions assignment to prevent unauthorized actions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. Recommendations: For versions 10.0.0 through 10.0.8, consider disabling the detailed technical error messages to minimize the risk of exploitation. Restrict access to error messages to prevent potential attackers from obtaining sensitive information.

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue allows an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts, due to cross-site request forgery. Recommendations: For versions 10.0.0 through 10.0.8, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 **Description** This issue allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The attacker can incorporate `code` into the interface, thus changing the expected behavior. **Recommendations** For versions 10.0.0 through 10.0.8, update to a version that includes the fix for this issue to prevent cross-site scripting attacks. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. Recommendations: For versions 10.0.0 through 10.0.8, consider disabling the detailed technical error messages to minimize the risk of exploitation. Restrict access to error messages to prevent potential attackers from obtaining sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security ReaQta version 3.12 Description: The issue allows an authenticated user to perform unauthorized actions due to the software's reliance on untrusted inputs. Recommendations: For IBM Security ReaQta version 3.12, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM version 7.5 **Description** The issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This is due to a cross-site scripting issue. **Recommendations** For IBM QRadar SIEM version 7.5, consider restricting access to the Web UI until a fix is available, and avoid using the Web UI with privileged accounts to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: IBM Security ReaQta version 3.12 Description: This issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The vulnerability is related to cross-site scripting. Recommendations: For IBM Security ReaQta version 3.12, consider disabling access to the Web UI until a patch is available to prevent potential exploitation of the cross-site scripting vulnerability. Restricting user privileges may also help minimize the risk of credentials disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security ReaQta version 3.12 **Description** This issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The vulnerability is related to cross-site scripting. **Recommendations** For IBM Security ReaQta version 3.12, consider disabling access to the Web UI until a patch is available to prevent potential exploitation of the cross-site scripting vulnerability. Restricting the ability of privileged users to embed arbitrary JavaScript code can help minimize the risk of credentials disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 **Description** The issue is related to weaknesses in the error reporting mechanism of IBM QRadar Suite and IBM Cloud Pak for Security. This could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. The obtained information could be used in further attacks against the system. **Recommendations** For IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0, update to a version outside of this range to mitigate the risk. For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to detailed technical error messages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Cloud Pak for Security (CP4S) versions 1.10.0.0 through 1.10.11.0 IBM QRadar Suite Software versions 1.10.12.0 through 1.10.23.0 **Description** The issue is related to the failure to invalidate a session after logout, which could allow another authenticated user to obtain sensitive information. This could lead to unauthorized access. **Recommendations** For IBM Cloud Pak for Security (CP4S) versions 1.10.0.0 through 1.10.11.0, upgrade to a version that contains the fix for this issue. For IBM QRadar Suite Software versions 1.10.12.0 through 1.10.23.0, upgrade to a version that contains the fix for this issue. As a temporary workaround, consider implementing additional access controls to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Security Directory Integrator version 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 **Description** The issue is caused by the failure to set the HTTPOnly flag, allowing a remote attacker to obtain sensitive information from the cookie. A remote attacker could exploit this to obtain sensitive information. **Recommendations** For IBM Security Directory Integrator version 7.2.0, upgrade the affected component immediately to mitigate the risk. For IBM Security Verify Directory Integrator version 10.0.0, upgrade the affected component immediately to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** IBM Security Directory Integrator version 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 **Description** The issue is related to insufficient session expiration, which could allow an unauthorized user to obtain sensitive information. **Recommendations** For IBM Security Directory Integrator version 7.2.0, update to a version that properly implements session expiration to prevent unauthorized access. For IBM Security Verify Directory Integrator version 10.0.0, update to a version that properly implements session expiration to prevent unauthorized access. As a temporary workaround, consider implementing additional session monitoring and timeout measures to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Security Directory Integrator versions 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 **Description** The issue is related to the lack of authentication for certain functionality that requires a provable user identity or consumes significant resources, allowing operations at the privilege level of a standard unprivileged user. There is also a mention of a buffer overflow in memory, which could allow a remote attacker to bypass authentication procedures. **Recommendations** For IBM Security Directory Integrator version 7.2.0, consider implementing additional authentication mechanisms for functionality that requires a provable user identity or consumes significant resources. For IBM Security Verify Directory Integrator version 10.0.0, consider implementing additional authentication mechanisms for functionality that requires a provable user identity or consumes significant resources. As a temporary workaround, consider restricting access to the affected functionality until a patch is available.

Name of the Vulnerable Software and Affected Versions: IBM Security Directory Integrator version 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 Description: The issue is related to stored cross-site scripting in the web interface of the affected software, allowing users to embed arbitrary JavaScript code in the Web UI. This could alter the intended functionality and potentially lead to credentials disclosure within a trusted session. The vulnerability can be exploited by a remote attacker to execute arbitrary JavaScript code and disclose protected information. Recommendations: For IBM Security Directory Integrator version 7.2.0, update to a version that includes the fix for this issue. For IBM Security Verify Directory Integrator version 10.0.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Security QRadar EDR version 3.12 **Description** A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. This issue allows for HTML injection, potentially leading to the execution of malicious code in the victim's browser. **Recommendations** For IBM Security QRadar EDR version 3.12, consider disabling any features that allow user-inputted HTML to be executed in the browser until a patch is available. Restrict access to areas of the application where HTML injection could be exploited to minimize the risk of attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 IBM QRadar Software Suite versions 1.10.12.0 through 1.10.21.0 Description: The issue is related to the storage of protected information in an unencrypted form, allowing an attacker to gain unauthorized access to sensitive data. This can occur because web pages are stored locally and can be read by another user on the system. Recommendations: For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, consider restricting access to sensitive web pages to minimize the risk of exploitation. For IBM QRadar Software Suite versions 1.10.12.0 through 1.10.21.0, consider implementing additional security measures to protect stored information, such as encryption or access controls. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Verify Access OIDC Provider versions 22.09 through 23.03 **Description** The issue is related to hazardous input validation, which could disclose sensitive information to a local user. **Recommendations** For versions 22.09 through 23.03, update to a version that addresses the hazardous input validation issue to prevent disclosure of sensitive information.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium versions 11.3 through 12.0 Description: The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. This is due to the failure to neutralize special elements used in the operating system command. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Recommendations: For IBM Security Guardium versions 11.3 through 12.0, upgrade the affected component immediately to prevent potential system takeover. As a temporary workaround, consider restricting access to the request handler to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 IBM QRadar Suite Software versions 1.10.12.0 through 1.10.20.0 **Description** The issue exists due to insufficient input validation, allowing a remote attacker to modify dashboard parameters. This could be exploited by an authenticated user. **Recommendations** For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version outside of this range to resolve the issue. For IBM QRadar Suite Software versions 1.10.12.0 through 1.10.20.0, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to dashboard parameters until a patch is available.