What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2023-40367.

What is the severity of CVE-2023-40367?

The severity of CVE-2023-40367 is medium with a severity value of 5.4.

What is the affected software version?

The affected software version is IBM QRadar SIEM 7.5.0 - 7.5.0 UP6.

What is the potential impact of this vulnerability?

This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.

Are there any references for this vulnerability?

Yes, you can find references for this vulnerability at the following links: [Vulnerability Details](https://exchange.xforce.ibmcloud.com/vulnerabilities/263376) and [IBM Support](https://www.ibm.com/support/pages/node/7049133).

Vulnerability/
CVE-2023-40367

medium

5.4

CWE

10/10/2023

14/10/2023

16/9/2024

CVE-2023-40367: IBM QRadar SIEM cross-site scripting

First published: Tue Oct 10 2023(Updated: )

IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 263376.

Credit: psirt@us.ibm.com psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM QRadar Security Information and Event Manager	=7.5.0
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_1
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_2
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_3
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_4
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_5
IBM QRadar Security Information and Event Manager	=7.5.0-update_pack_6
Linux Linux kernel
IBM QRadar SIEM	<=7.5.0 - 7.5.0 UP6

Remedy

https://www.ibm.com/support/pages/node/7049133

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7049133

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2023-40367.
What is the severity of CVE-2023-40367?
The severity of CVE-2023-40367 is medium with a severity value of 5.4.
What is the affected software version?
The affected software version is IBM QRadar SIEM 7.5.0 - 7.5.0 UP6.
What is the potential impact of this vulnerability?
This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.
Are there any references for this vulnerability?
Yes, you can find references for this vulnerability at the following links: [Vulnerability Details](https://exchange.xforce.ibmcloud.com/vulnerabilities/263376) and [IBM Support](https://www.ibm.com/support/pages/node/7049133).

collector/nvd-api
collector/nvd-index
agent/author
agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/weakness
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/title
agent/tags
agent/event
vendor/ibm
canonical/ibm qradar security information and event manager
version/ibm qradar security information and event manager/7.5.0
version/ibm qradar security information and event manager/7.5.0-update_pack_1
version/ibm qradar security information and event manager/7.5.0-update_pack_2
version/ibm qradar security information and event manager/7.5.0-update_pack_3
version/ibm qradar security information and event manager/7.5.0-update_pack_4
version/ibm qradar security information and event manager/7.5.0-update_pack_5
version/ibm qradar security information and event manager/7.5.0-update_pack_6
vendor/linux
canonical/linux linux kernel
canonical/ibm qradar siem
version/ibm qradar siem/7.5.0 - 7.5.0 up6