CVE-2022-30613
First published: Thu Sep 29 2022(Updated: )
IBM QRadar could disclose sensitive information via a local service to a privileged user.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar Security Information and Event Manager | >=7.4.0<7.4.3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_1 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_2 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_4 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_5 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_6 | |
| IBM QRadar Security Information and Event Manager | =7.5.0 | |
| IBM QRadar Security Information and Event Manager | =7.5.0-update_pack_1 | |
| IBM QRadar Security Information and Event Manager | =7.5.0-update_pack_2 | |
| Linux Linux kernel | ||
| IBM QRadar SIEM | <=7.4.0 - 7.4.3 Fix Pack 6 | |
| IBM QRadar SIEM | <=7.5.0 - 7.5.0 Update Pack 2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID is CVE-2022-30613.
What can be disclosed by this vulnerability?
This vulnerability could disclose sensitive information.
Who can exploit this vulnerability?
A privileged user can exploit this vulnerability.
Which versions of IBM QRadar SIEM are affected?
IBM QRadar SIEM versions 7.4.0 to 7.4.3 Fix Pack 6 and versions 7.5.0 to 7.5.0 Update Pack 2 are affected.
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is medium (5.5).
How can I fix this vulnerability?
To fix this vulnerability, update IBM QRadar SIEM to version 7.4.3 Fix Pack 6 or version 7.5.0 Update Pack 2.
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm qradar security information and event manager
- version/ibm qradar security information and event manager/7.4.0
- version/ibm qradar security information and event manager/7.4.3
- version/ibm qradar security information and event manager/7.4.3-fix_pack_1
- version/ibm qradar security information and event manager/7.4.3-fix_pack_2
- version/ibm qradar security information and event manager/7.4.3-fix_pack_3
- version/ibm qradar security information and event manager/7.4.3-fix_pack_4
- version/ibm qradar security information and event manager/7.4.3-fix_pack_5
- version/ibm qradar security information and event manager/7.4.3-fix_pack_6
- version/ibm qradar security information and event manager/7.5.0
- version/ibm qradar security information and event manager/7.5.0-update_pack_1
- version/ibm qradar security information and event manager/7.5.0-update_pack_2
- vendor/linux
- canonical/linux linux kernel
- canonical/ibm qradar siem
- version/ibm qradar siem/7.4.0 - 7.4.3 fix pack 6
- version/ibm qradar siem/7.5.0 - 7.5.0 update pack 2