Paul Ionescu

**Name of the Vulnerable Software and Affected Versions** IBM Tivoli Identity Manager versions 5.1.x through 5.1.0.15-ISS-TIM-IF0057 Security Identity Manager versions 6.0.x through 6.0.0.4-ISS-SIM-IF0001 Security Identity Manager versions 7.0.x through 7.0.0.0-ISS-SIM-IF0003 **Description** The issue makes it easier for remote attackers to obtain sensitive information by leveraging support for weak SSL ciphers. **Recommendations** For IBM Tivoli Identity Manager versions 5.1.x through 5.1.0.15-ISS-TIM-IF0057, update to version 5.1.0.15-ISS-TIM-IF0057 or later. For Security Identity Manager versions 6.0.x through 6.0.0.4-ISS-SIM-IF0001, update to version 6.0.0.4-ISS-SIM-IF0001 or later. For Security Identity Manager versions 7.0.x through 7.0.0.0-ISS-SIM-IF0003, update to version 7.0.0.0-ISS-SIM-IF0003 or later.

**Name of the Vulnerable Software and Affected Versions** IBM Security SiteProtector System versions 3.0 through 3.1.1 **Description** The issue allows remote attackers to bypass intended security restrictions, execute unspecified commands, and obtain sensitive information via unknown vectors. **Recommendations** For versions 3.0 through 3.1.1, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Database Activity Monitor version 10 **Description** The issue allows local users to have an unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. **Recommendations** For IBM Security Guardium Database Activity Monitor version 10, consider changing the hardcoded password to a unique and secure password to prevent potential exploitation. As a temporary workaround, restrict access to the system to minimize the risk of unauthorized administrator access.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium Database Activity Monitor version 10 **Description** The issue allows local users to obtain sensitive information by reading cached browser data. **Recommendations** For IBM Security Guardium Database Activity Monitor version 10, consider clearing cached browser data regularly to minimize the risk of sensitive information exposure. As a temporary workaround, restrict local access to the system to prevent unauthorized users from reading cached browser data.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Manager Virtual Appliance versions 7.0.x before 7.0.1.3-ISS-SIM-IF0001 **Description** The issue makes it easier for remote attackers to capture session cookies by intercepting their transmission within an HTTP session, as the secure flag for the session cookie in an HTTPS session is not set. **Recommendations** For IBM Security Identity Manager Virtual Appliance versions 7.0.x before 7.0.1.3-ISS-SIM-IF0001, update to version 7.0.1.3-ISS-SIM-IF0001 or later to resolve the issue. As a temporary workaround, consider restricting access to HTTPS sessions to minimize the risk of cookie interception.

Name of the Vulnerable Software and Affected Versions: IBM Security Identity Manager versions 5.1 through 7.0 Description: A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests, potentially leading to cross-site scripting attacks, web cache poisoning, or other impacts. Recommendations: For IBM Security Identity Manager versions 5.1 through 7.0, update to a version that includes a fix for this issue, as no specific workaround is provided in the available data.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium versions 9.0 through 10.1 **Description** The issue allows an attacker to obtain sensitive information using man-in-the-middle techniques because sensitive data is transmitted in cleartext in the query of the request. **Recommendations** For IBM Security Guardium versions 9.0 through 10.1, consider implementing encryption for sensitive data transmitted in the query of the request to prevent interception by an attacker.

**Name of the Vulnerable Software and Affected Versions** IBM Security Access Manager for Web version 9.0.0 **Description** The issue allows an authenticated user to access some privileged functionality of the server. **Recommendations** For IBM Security Access Manager for Web version 9.0.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.2 through 7.3 **Description** The issue allows an authenticated user to read user credentials stored in plain text. **Recommendations** For IBM QRadar versions 7.2 through 7.3, update the configuration to securely store user credentials, avoiding plain text storage.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue allows anonymous users to access protected areas due to a lack of authentication check for a critical resource or functionality. **Recommendations** For IBM QRadar version 7.2, apply the fix referenced in IBM Reference #: 1999545 to add the necessary authentication checks.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Incident Forensics version 7.2 **Description** The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the website trusts. **Recommendations** For IBM QRadar Incident Forensics version 7.2, update to a version that includes the fix for the issue referenced by IBM Reference #: 1999549.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Incident Forensics version 7.2 **Description** The issue concerns Cross-Origin Resource Sharing (CORS), a mechanism that enables web sites to request resources from external sites. This allows for the sharing of resources without the need for duplication. **Recommendations** For IBM QRadar Incident Forensics version 7.2, consider restricting access to external resources to minimize potential risks associated with CORS until a fix is available.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar Incident Forensics version 7.2 **Description** A remote authenticated attacker could execute arbitrary commands on the system by sending a specially-crafted request, allowing for the exploitation of this issue to execute arbitrary commands on the system. **Recommendations** For IBM QRadar Incident Forensics version 7.2, update to a version that addresses this issue, as indicated by IBM Reference #: 1999542.

**Name of the Vulnerable Software and Affected Versions** IBM Qradar version 7.2 **Description** The issue allows a remote attacker to send specially-crafted SQL statements, potentially enabling them to view information in the back-end database. This is due to a SQL injection flaw. **Recommendations** For IBM Qradar version 7.2, update to a version that includes the fix for IBM Reference #: 1999543 to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** A remote authenticated attacker could execute arbitrary commands on the system by sending a specially-crafted request, allowing for the exploitation of the system. **Recommendations** For IBM QRadar version 7.2, update to a version that includes the fix for the issue referenced by IBM Reference #: 1999542.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For IBM QRadar version 7.2, update to a version that includes the fix for the issue referenced by IBM Reference #: 1999534.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For IBM QRadar version 7.2, update to a version that includes the fix for the issue referenced by IBM Reference #: 1999534.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue is caused by an XML External Entity Injection (XXE) error when processing XML data, which could allow a remote attacker to expose highly sensitive information or consume all available memory resources, resulting in a denial of service. **Recommendations** For IBM QRadar version 7.2, update to a version that includes the fix for the XML External Entity Injection (XXE) error, as referenced in IBM Reference #: 1999537.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue discloses sensitive information to unauthorized users, which can be used to mount further attacks on the system. **Recommendations** For IBM QRadar version 7.2, refer to IBM Reference #: 1999533 for guidance on resolving the issue.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar version 7.2 **Description** The issue allows a remote attacker to consume all resources on the server due to improper restriction of the size or amount of resources requested by an actor. **Recommendations** For IBM QRadar version 7.2, update to a version that properly restricts resource requests to prevent exploitation.