CVE-2023-50951

Name of the Vulnerable Software and Affected Versions IBM QRadar Suite versions 1.10.12.0 through 1.10.17.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0

Description The issue is related to insufficient protection of registration data in IBM QRadar Suite and IBM Cloud Pak for Security. Exploitation of this issue may allow an attacker to access confidential data. In some circumstances, the software will log sensitive information about invalid authorization attempts.

Recommendations For IBM QRadar Suite versions 1.10.12.0 through 1.10.17.0, consider disabling the logging of sensitive information for invalid authorization attempts until a patch is available. For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, restrict access to sensitive information logged during invalid authorization attempts to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.