CVE-2024-22355

Summary

CVE-2024-22355 is a vulnerability that affects IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0, allowing attackers to compromise user accounts due to the lack of strong password requirements by default. The vulnerability has a base severity rating of MEDIUM with a base score of 5.9 according to the CVSS:3.1 scoring system, indicating a moderate risk level. The confidentiality impact is rated as HIGH, while the integrity impact is NONE and availability impact is NONE. The vulnerability is considered secondary and has an exploitability score of 2.2, suggesting it may be relatively easy for attackers to exploit via a network attack vector but does not require any privileges or user interaction. There is no available analysis description for this specific vulnerability at this time, and it was reported by [email protected] with no changes in scope or curated status mentioned in the information provided. Note: The provided information lacks specific details about remediation steps or potential danger beyond compromising user accounts due to weak passwords, which may pose risks such as unauthorized access or data breaches for organizations using the affected IBM products mentioned above.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.