PT-2023-8377 · IBM · IBM QRadar SIEM
Published 2023-10-29 · Updated 2023-11-07 · CVE-2023-43041
CVSS v3.1
6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
IBM QRadar SIEM version 7.5
Description
IBM QRadar SIEM does not adequately protect service data, which allows a remote attacker to disclose protected information. Specifically, because of an incomplete fix for a previous issue, a delegated Admin tenant user with a specific domain security profile assigned can see data from other domains.
Recommendations
For IBM QRadar SIEM version 7.5, apply the fix provided by IBM, which completes the incomplete fix for the previous issue so that delegated Admin tenant users cannot access data from other domains.
Fix
Information Disclosure
Affected Products
IBM QRadar SIEM