PT-2024-2024 · Ibm · Ibm Qradar Suite+1
Published
2024-03-03
·
Updated
2024-12-23
·
CVE-2024-22355
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM QRadar Suite Products versions 1.10.12.0 through 1.10.18.0
IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0
Description
The issue is related to weak password requirements in IBM QRadar Suite and IBM Cloud Pak for Security products, making it easier for attackers to compromise user accounts. This weakness allows a remote attacker to gain access to confidential data.
Recommendations
For IBM QRadar Suite Products versions 1.10.12.0 through 1.10.18.0, consider enforcing strong password policies to mitigate the risk of exploitation.
For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, consider enforcing strong password policies to mitigate the risk of exploitation.
As a temporary workaround, consider implementing additional authentication measures, such as multi-factor authentication, to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cloud Pak For Security
Ibm Qradar Suite