PT-2018-1999 · IBM · IBM QRadar SIEM
Chris Shepherd
+7
Published: 2018-12-03
Updated: 2019-10-09
CVE-2018-1728
CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM QRadar SIEM versions 7.2 through 7.3
Description
The Web UI does not neutralize script-related tags, which a remote attacker can exploit to disclose protected information. Users can embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
Recommendations
For IBM QRadar SIEM versions 7.2 and 7.3, to prevent the embedding of arbitrary JavaScript code, consider disabling the Web UI functionality until a patch is available.
As a temporary workaround, restrict access to the Web UI to minimize the risk of exploitation.
Fix
XSS
Related identifiers
Affected products
IBM QRadar SIEM