Skip to main content

Qradar Incident Forensics CVE-2018-1568

LOW
Information Exposure (CWE-200)
2018-12-05 psirt@us.ibm.com
3.3
CVSS 3.0 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 05, 2018 - 17:29 nvd
LOW 3.3

DescriptionNVD

IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118.

AnalysisAI

IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118. Affected products include: Ibm Qradar Incident Forensics.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

CVE-2016-9726 HIGH
8.8 Mar 07

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the syste

CVE-2016-9727 HIGH
8.5 Mar 07

IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. Rated high sever

CVE-2018-1648 HIGH
7.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt h

CVE-2018-1647 HIGH
7.5 Oct 05

IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which cou

CVE-2018-1649 MEDIUM
6.5 Oct 05

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. Rated med

CVE-2016-9723 MEDIUM
6.1 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely e

CVE-2018-1650 MEDIUM
5.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication confi

CVE-2017-1133 MEDIUM
5.4 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely e

CVE-2018-1728 MEDIUM
5.4 Dec 05

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability

CVE-2016-9720 MEDIUM
5.3 Mar 07

IBM QRadar 7.2 discloses sensitive information to unauthorized users. Rated medium severity (CVSS 5.3), this vulnerabili

CVE-2016-9730 MEDIUM
4.3 Mar 07

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute m

CVE-2025-36042 MEDIUM
5.4 Aug 22

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), thi

Share

CVE-2018-1568 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy