IBM QRadar SIEM XSS Flaw Lets Attackers Execute JavaScript Code
Two medium-severity vulnerabilities were discovered in the widely used IBM QRadar SIEM, relating to Cross-Site Scripting (XSS) and information disclosure. The vulnerabilities have been assigned CVE-2023-40367 and CVE-2023-30994.
IBM has released patches for these vulnerabilities and urges users to upgrade to the latest version of IBM QRadar.
CVE-2023-40367: IBM QRadar SIEM cross-site scripting
A threat actor can exploit this vulnerability to inject arbitrary JavaScript code into the Web UI, which could alter the intended functionality and potentially lead to credential disclosure within a trusted session.
The severity of this vulnerability has been rated 5.4 (Medium). It falls under the weakness enumeration CWE-79, “Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’).”
CVE-2023-30994: IBM QRadar SIEM information disclosure
This vulnerability exists because of the use of weaker cryptographic algorithms, whose output could be decrypted by a threat actor, potentially resulting in the retrieval of highly sensitive information. The severity of this vulnerability has been rated 5.9 (Medium).
Affected Products
The products affected by these vulnerabilities are listed below.
Affected Product | Version(s) | Fixed in Version(s) |
--- | --- | --- |
IBM QRadar SIEM | 7.5.0 – 7.5.0 UP6 | 7.5.0 UP7 |
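A small inventory check for the affected range in the table above, added here as an example and not code from IBM or the original article. It assumes versions are written the way the table writes them (“7.5.0 UP6”; a missing “UPn” is treated as update pack 0), and the hostnames in the sample inventory are constructed.

```python
import re
from typing import Dict, Tuple

# Affected range from the table: 7.5.0 through 7.5.0 UP6; 7.5.0 UP7 is the fix.
AFFECTED_BASE = (7, 5, 0)
FIXED_UP = 7

# Assumed format, taken from the page's table: "<major>.<minor>.<patch>[ UP<n>]".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:\s*UP\s*(\d+))?\s*$", re.IGNORECASE)


def parse_qradar_version(text: str) -> Tuple[Tuple[int, int, int], int]:
    """Return ((major, minor, patch), update_pack); no 'UPn' suffix counts as UP0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised QRadar version string: {text!r}")
    base = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    up = int(m.group(4)) if m.group(4) else 0
    return base, up


def is_affected(text: str) -> bool:
    """True when the version lies in 7.5.0 .. 7.5.0 UP6 (CVE-2023-40367, CVE-2023-30994)."""
    base, up = parse_qradar_version(text)
    if base != AFFECTED_BASE:
        # Other release lines are not listed in the bulletin summary; report them as
        # outside this range rather than guessing.
        return False
    return up < FIXED_UP


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map hostname -> reported version to hostname -> action for this bulletin."""
    return {
        host: ("upgrade to 7.5.0 UP7" if is_affected(version) else "ok")
        for host, version in inventory.items()
    }


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {
        "qradar-console-01": "7.5.0 UP3",
        "qradar-console-02": "7.5.0 UP7",
        "qradar-ep-03": "7.5.0",
    }
    for host, verdict in triage(sample).items():
        print(f"{host}: {verdict}")
```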
There is no evidence of these vulnerabilities being exploited by threat actors in the wild, nor is there a publicly available exploit for them.
However, several other vulnerabilities were fixed as part of the security bulletin published by IBM for IBM QRadar SIEM. Their severities range from 3.7 (Low) to 9.8 (Critical).
Users of IBM QRadar SIEM are urged to upgrade to the latest version of IBM QRadar to fix these vulnerabilities and prevent them from being exploited by threat actors.
Source credit: cybersecuritynews.com