Main Vulnerability Database Vulnerabilities #VU86581

#VU86581 Inclusion of Sensitive Information in Log Files in QRadar Suite and IBM Cloud Pak for Security - CVE-2023-50951

Published: February 19, 2024

Vulnerability identifier: #VU86581

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-50951

CWE-ID: CWE-532

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
QRadar Suite
IBM Cloud Pak for Security

Software vendor:
IBM Corporation

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to IBM QRadar Suite and IBM Cloud Pak for Security in some circumstances will log some sensitive information about invalid authorization attempts. A local user can read the log files and gain access to sensitive data.

Remediation

Install updates from vendor's website.

External links

https://www.ibm.com/support/pages/node/7118604
https://exchange.xforce.ibmcloud.com/vulnerabilities/275747

#VU86581 Inclusion of Sensitive Information in Log Files in QRadar Suite and IBM Cloud Pak for Security - CVE-2023-50951

Description

Remediation

External links

Please verify you're human