Jonathan Fitz-Gerald

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Network Security versions 5.4.0 through 5.5.0 **Description** The issue is related to insufficient protection of service data, which could allow a remote attacker to gain unauthorized access to protected information. This could potentially be used to mount further attacks against the system. **Recommendations** For versions 5.4.0 and 5.5.0, consider restricting access to sensitive information to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM SiteProtector Appliance version 3.1.1 **Description** The issue concerns hard-coded credentials, such as a password or cryptographic key, used by the appliance for inbound authentication, outbound communication to external components, or encryption of internal data. **Recommendations** For IBM SiteProtector Appliance version 3.1.1, consider changing the hard-coded credentials to unique, secure credentials to mitigate the risk of exploitation. As a temporary workaround, restrict access to the appliance until secure credentials can be implemented.

**Name of the Vulnerable Software and Affected Versions** IBM SiteProtector Appliance version 3.1.1 **Description** The issue allows web pages to be stored locally, which can then be read by another user on the system. **Recommendations** For IBM SiteProtector Appliance version 3.1.1, consider restricting access to locally stored web pages to minimize the risk of unauthorized access until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security SiteProtector System version 3.1.1 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: For IBM Security SiteProtector System version 3.1.1, consider disabling the Web UI functionality until a patch is available to prevent the embedding of arbitrary JavaScript code. Restrict access to the Web UI to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: For IBM QRadar Network Security versions 5.4.0 through 5.5.0, consider restricting access to the Web UI until a fix is available. As a temporary workaround, avoid using the Web UI for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using man-in-the-middle techniques. Recommendations: For versions 5.4.0 and 5.5.0, enable HTTP Strict Transport Security to prevent exploitation. As a temporary workaround, consider restricting access to sensitive information until a proper fix is applied.

Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Security versions 5.4.0 through 5.5.0 Description: The issue allows sensitive or security-critical data to be transmitted in cleartext in a communication channel, making it accessible through man-in-the-middle techniques. Recommendations: For versions 5.4.0 through 5.5.0, consider implementing encryption for sensitive data transmission to prevent interception. As a temporary workaround, restrict access to the communication channel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Verify Privilege Manager version 10.8.2 **Description** The issue is caused by improper bounds checking, leading to a buffer overflow. A local attacker could exploit this to execute arbitrary code on the system or cause it to crash. **Recommendations** For version 10.8.2, update to a version that includes the fix for the buffer overflow issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.2 Description: The issue arises because IBM Security Guardium performs an operation at a higher privilege level than necessary, potentially creating new weaknesses or amplifying existing ones. Recommendations: For IBM Security Guardium version 11.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Cloud Pak for Security (CP4S) version 1.3.0.1 **Description** The issue could disclose sensitive information through HTTP headers, which could be used in further attacks against the system. **Recommendations** For IBM Cloud Pak for Security (CP4S) version 1.3.0.1, consider restricting access to sensitive information and HTTP headers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.2 Description: The issue discloses sensitive information in the response headers, which could be used in further attacks against the system. Recommendations: For IBM Security Guardium version 11.2, consider restricting access to sensitive information in response headers until a patch is available. As a temporary workaround, review and modify the system's configuration to minimize the disclosure of sensitive information in response headers.

**Name of the Vulnerable Software and Affected Versions** IBM Security Verify Privilege Manager version 10.8 **Description** The issue allows a local attacker to exploit an XML External Entity Injection (XXE) attack when processing XML data, potentially exposing sensitive information or consuming memory resources. **Recommendations** For IBM Security Verify Privilege Manager version 10.8, consider disabling XML data processing until a patch is available to prevent exploitation of the XXE vulnerability. Restrict access to sensitive information and monitor memory resources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Secret Server version 10.6 **Description** The issue concerns the storage of potentially sensitive information in configuration files. This information could be accessed by an authenticated user. **Recommendations** For IBM Security Secret Server version 10.6, consider restricting access to configuration files to minimize the risk of sensitive information disclosure.

**Name of the Vulnerable Software and Affected Versions** IBM Security Secret Server version 10.6 **Description** The issue allows a remote attacker to conduct phishing attacks using an open redirect attack. By persuading a victim to visit a specially crafted Web site, the attacker could exploit this to spoof the URL displayed, redirecting the user to a malicious Web site that appears trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. **Recommendations** For IBM Security Secret Server version 10.6, consider restricting access to the Web interface until a patch is available, and avoid clicking on links from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Tivoli Key Lifecycle Manager versions 3.0 through 4.0 **Description** The issue allows a local user to read user credentials stored in plain text. **Recommendations** For IBM Tivoli Key Lifecycle Manager versions 3.0 through 4.0, consider restricting access to sensitive areas where credentials are stored to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Secret Server version 1.2 **Description** The issue is related to improper input validation, which could allow a local user to bypass security restrictions. **Recommendations** For IBM Security Secret Server version 1.2, update to a version that includes proper input validation to prevent bypassing of security restrictions.

**Name of the Vulnerable Software and Affected Versions** IBM Security Secret Server versions prior to 10.9 **Description** The issue is related to improper certificate validation, which could allow an attacker to bypass SSL security. **Recommendations** For versions prior to 10.9, update to version 10.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** IBM Resilient SOAR version 38.0 **Description** The issue is related to insufficient input validation, which may cause a denial of service of the SOAR Platform. **Recommendations** For IBM Resilient SOAR version 38.0, update to a version that includes input validation fixes to prevent denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Resilient SOAR version 38 **Description** The issue is related to incomplete blacklisting for input validation, which allows attackers to bypass application controls. This results in a direct impact to the system and data integrity. **Recommendations** For IBM Resilient SOAR version 38, consider implementing additional input validation mechanisms to prevent attackers from bypassing application controls. As a temporary workaround, review and enhance the existing blacklisting rules to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Insights version 2.0.1 **Description** The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. **Recommendations** For IBM Security Guardium Insights version 2.0.1, update the cryptographic algorithms to stronger ones to prevent potential decryption of sensitive information by an attacker.