CVE-2023-47728

Name of the Vulnerable Software and Affected Versions IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0

Description The issue is related to weaknesses in the error reporting mechanism of IBM QRadar Suite and IBM Cloud Pak for Security. This could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. The obtained information could be used in further attacks against the system.

Recommendations For IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0, update to a version outside of this range to mitigate the risk. For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to detailed technical error messages to minimize the risk of exploitation.