IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qradar_security_information_and_event_manager | Ibm | 7.5.0 (including) | 7.5.0 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_1 (including) | 7.5.0-update_pack_1 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_2 (including) | 7.5.0-update_pack_2 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_3 (including) | 7.5.0-update_pack_3 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_4 (including) | 7.5.0-update_pack_4 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_5 (including) | 7.5.0-update_pack_5 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_6 (including) | 7.5.0-update_pack_6 (including) |