CVE-2022-34352 : IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated

IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403.

Published 2023-06-27 18:15:12

Updated 2023-07-05 13:35:56

Source IBM Corporation

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-34352

IBM » Qradar Security Information And Event Manager » Version: 7.5.0
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 4
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.5.0 Update Update Pack 5
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-34352

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 17 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-34352

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	IBM Corporation
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-34352

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Assigned by:
- nvd@nist.gov (Primary)
- psirt@us.ibm.com (Secondary)

References for CVE-2022-34352

https://www.ibm.com/support/pages/node/7006057

Security Bulletin: IBM QRadar SIEM is vulnerable to information disclosure between tenants (CVE-2022-34352)
Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/230403

IBM QRadar information disclosure CVE-2022-34352 Vulnerability Report
VDB Entry;Vendor Advisory

Jump to

Vulnerability Details : CVE-2022-34352

Products affected by CVE-2022-34352

Exploit prediction scoring system (EPSS) score for CVE-2022-34352

CVSS scores for CVE-2022-34352

CWE ids for CVE-2022-34352

References for CVE-2022-34352