What is the severity of CVE-2022-22424?

The severity of CVE-2022-22424 is medium with a CVSS score of 5.5.

Which versions of IBM QRadar are affected by CVE-2022-22424?

IBM QRadar SIEM versions 7.3, 7.4, and 7.5 are affected by CVE-2022-22424.

How can a local user obtain sensitive information from the TLS key file in IBM QRadar?

A local user can obtain sensitive information from the TLS key file in IBM QRadar due to incorrect file permissions.

What is the IBM X-Force ID for CVE-2022-22424?

The IBM X-Force ID for CVE-2022-22424 is 223597.

Where can I find more information about CVE-2022-22424?

You can find more information about CVE-2022-22424 on the IBM X-Force Exchange website and the IBM support pages.

Vulnerability/
CVE-2022-22424

medium

5.5

CWE

276

18/7/2022

20/7/2022

16/9/2024

CVE-2022-22424

First published: Mon Jul 18 2022(Updated: )

IBM QRadar could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM QRadar SIEM	<=7.3.0 - 7.3.3 Fix Pack 11
IBM QRadar SIEM	<=7.4.0 - 7.4.3 Fix Pack 5
IBM QRadar SIEM	<=7.5.0 - 7.5.0 Update Pack 1
IBM QRadar Security Information and Event Manager	>=7.3.0<7.3.3
IBM QRadar Security Information and Event Manager	>=7.4.0<7.4.3
IBM QRadar Security Information and Event Manager	=7.3.3
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_1
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_10
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_11
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_2
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_3
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_4
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_5
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_6
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_7
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_8
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_9
IBM QRadar Security Information and Event Manager	=7.4.3
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_1
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_2
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_3
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_4
IBM QRadar Security Information and Event Manager	=7.5.0
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_1
Linux Linux kernel

Remedy

https://www.ibm.com/support/pages/node/6605433

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6605433

Frequently Asked Questions

What is the severity of CVE-2022-22424?
The severity of CVE-2022-22424 is medium with a CVSS score of 5.5.
Which versions of IBM QRadar are affected by CVE-2022-22424?
IBM QRadar SIEM versions 7.3, 7.4, and 7.5 are affected by CVE-2022-22424.
How can a local user obtain sensitive information from the TLS key file in IBM QRadar?
A local user can obtain sensitive information from the TLS key file in IBM QRadar due to incorrect file permissions.
What is the IBM X-Force ID for CVE-2022-22424?
The IBM X-Force ID for CVE-2022-22424 is 223597.
Where can I find more information about CVE-2022-22424?
You can find more information about CVE-2022-22424 on the IBM X-Force Exchange website and the IBM support pages.

collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/author
agent/description
agent/type
agent/tags
agent/event
agent/last-modified-date
agent/remedy
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm qradar security information and event manager
version/ibm qradar security information and event manager/7.3.0
version/ibm qradar security information and event manager/7.4.0
version/ibm qradar security information and event manager/7.3.3
version/ibm qradar security information and event manager/7.3.3-fix_pack_1
version/ibm qradar security information and event manager/7.3.3-fix_pack_10
version/ibm qradar security information and event manager/7.3.3-fix_pack_11
version/ibm qradar security information and event manager/7.3.3-fix_pack_2
version/ibm qradar security information and event manager/7.3.3-fix_pack_3
version/ibm qradar security information and event manager/7.3.3-fix_pack_4
version/ibm qradar security information and event manager/7.3.3-fix_pack_5
version/ibm qradar security information and event manager/7.3.3-fix_pack_6
version/ibm qradar security information and event manager/7.3.3-fix_pack_7
version/ibm qradar security information and event manager/7.3.3-fix_pack_8
version/ibm qradar security information and event manager/7.3.3-fix_pack_9
version/ibm qradar security information and event manager/7.4.3
version/ibm qradar security information and event manager/7.4.3-fix_pack_1
version/ibm qradar security information and event manager/7.4.3-fix_pack_2
version/ibm qradar security information and event manager/7.4.3-fix_pack_3
version/ibm qradar security information and event manager/7.4.3-fix_pack_4
version/ibm qradar security information and event manager/7.5.0
version/ibm qradar security information and event manager/7.5.0-update_pack_1
vendor/linux
canonical/linux linux kernel
canonical/ibm qradar siem
version/ibm qradar siem/7.3.0 - 7.3.3 fix pack 11
version/ibm qradar siem/7.4.0 - 7.4.3 fix pack 5
version/ibm qradar siem/7.5.0 - 7.5.0 update pack 1