CVE-2022-34351: Infoleak
First published: Mon Feb 13 2023(Updated: )
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar Security Information and Event Manager | >=7.4.0<7.4.3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_1 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_2 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_3 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_4 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_5 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_6 | |
| IBM QRadar Security Information and Event Manager | =7.4.3-fix_pack_7 | |
| IBM QRadar Security Information and Event Manager | =7.5.0 | |
| IBM QRadar Security Information and Event Manager | =7.5.0-update_pack_1 | |
| IBM QRadar Security Information and Event Manager | =7.5.0-update_pack_2 | |
| IBM QRadar Security Information and Event Manager | =7.5.0-update_pack_3 | |
| Linux Linux kernel | ||
| IBM QRadar SIEM | <=7.4.0 - 7.4.3 Fix Pack 7 | |
| IBM QRadar SIEM | <=7.5.0 - 7.5.0 Update Pack 3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-34351?
The severity of CVE-2022-34351 is high, with a severity value of 7.5.
What is affected by CVE-2022-34351?
IBM QRadar SIEM versions 7.4.0 - 7.4.3 Fix Pack 7 and 7.5.0 - 7.5.0 Update Pack 3 are affected by CVE-2022-34351.
How can a non-tenant user exploit CVE-2022-34351?
A non-tenant user with a specific domain security profile assigned can exploit CVE-2022-34351 to view some data from other domains.
Is Linux affected by CVE-2022-34351?
No, Linux is not affected by CVE-2022-34351.
Where can I find more information about CVE-2022-34351?
You can find more information about CVE-2022-34351 at the following references: [IBM X-Force ID: 230402](https://exchange.xforce.ibmcloud.com/vulnerabilities/230402) and [IBM Support](https://www.ibm.com/support/pages/node/6955059).
- collector/nvd-index
- collector/ibm-support
- vendor/ibm
- canonical/ibm qradar security information and event manager
- version/ibm qradar security information and event manager/7.4.0
- version/ibm qradar security information and event manager/7.4.3
- version/ibm qradar security information and event manager/7.4.3-fix_pack_1
- version/ibm qradar security information and event manager/7.4.3-fix_pack_2
- version/ibm qradar security information and event manager/7.4.3-fix_pack_3
- version/ibm qradar security information and event manager/7.4.3-fix_pack_4
- version/ibm qradar security information and event manager/7.4.3-fix_pack_5
- version/ibm qradar security information and event manager/7.4.3-fix_pack_6
- version/ibm qradar security information and event manager/7.4.3-fix_pack_7
- version/ibm qradar security information and event manager/7.5.0
- version/ibm qradar security information and event manager/7.5.0-update_pack_1
- version/ibm qradar security information and event manager/7.5.0-update_pack_2
- version/ibm qradar security information and event manager/7.5.0-update_pack_3
- vendor/linux
- canonical/linux linux kernel
- canonical/ibm qradar siem
- version/ibm qradar siem/7.4.0 - 7.4.3 fix pack 7
- version/ibm qradar siem/7.5.0 - 7.5.0 update pack 3