CVE-2023-50949

Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.5

Description: The issue is related to improper certificate validation, which could allow an unauthorized user to perform unauthorized actions. This is also associated with errors in the authentication procedure of the RabbitMQ message broker in the IBM QRadar SIEM system. Exploitation of this issue may enable a remote attacker to implement a "man-in-the-middle" attack.

Recommendations: For IBM QRadar SIEM version 7.5, consider disabling the certificate validation function temporarily until a patch is available. Restrict access to the RabbitMQ message broker to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.