CVE-2019-4470

Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.3.0 through 7.3.2 Patch 4

Description The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Recommendations For IBM QRadar versions 7.3.0 through 7.3.2 Patch 4, consider restricting access to the Web UI until a fix is available. As a temporary workaround, avoid using the Web UI for sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.