CVE-2022-22480 : IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly wh

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.

Published 2022-10-07 17:15:10

Updated 2022-10-09 02:26:18

Source IBM Corporation

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-22480

IBM » Qradar Security Information And Event Manager
Versions from including (>=) 7.4.0 and before (<) 7.4.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 4
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 5
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_5:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3 Update Fix Pack 6
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_6:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-22480

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-22480

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.3	MEDIUM	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	1.6	3.6	IBM Corporation
Attack Vector: Adjacent Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-22480

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-22480

https://exchange.xforce.ibmcloud.com/vulnerabilities/225889

VDB Entry;Vendor Advisory
https://www.ibm.com/support/pages/node/6826695

Security Bulletin: IBM QRadar SIEM is vulnerable to possible information disclosure (CVE-2022-22480)
Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2022-22480

Products affected by CVE-2022-22480

Exploit prediction scoring system (EPSS) score for CVE-2022-22480

CVSS scores for CVE-2022-22480

CWE ids for CVE-2022-22480

References for CVE-2022-22480