The Digital Security Authority (DSA) wants to bring to your attention, that IBM released Security updates to address an information disclosure vulnerability in QRadar SIEM.
Technical Details
Vulnerability Details:
- CVE-2024-27269 - CVSS 3.0 Base Score: 6.8
- IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants.
Affected Products:
- IBM QRadar SIEM 7.5.0
Fixed Versions:
- Refer to IBM Security Bulletin 7150684 for a patch IBM QRadar SIEM v 7.5.0 UP8 IF02, upgrade, or suggested workaround information.
Recommendations
The Digital Security Authority recommends installing the fixed versions released by IBM.
References
The information presented in this report is based on available data up to the 15th of May 2024.