PT-2024-22572 · Ibm · Ibm Qradar Suite+1
Chris Shepherd
+7
·
Published
2024-04-03
·
Updated
2025-08-14
·
CVE-2024-28782
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM QRadar Suite Software versions 1.10.12.0 through 1.10.18.0
IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0
Description
The issue concerns the storage of user credentials in plain clear text, which can be read by an authenticated user.
Recommendations
For IBM QRadar Suite Software versions 1.10.12.0 through 1.10.18.0, update to a version that stores user credentials securely.
For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version that stores user credentials securely.
As a temporary workaround, consider restricting access to areas where user credentials are stored to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cloud Pak For Security
Ibm Qradar Suite