IBM has disclosed multiple vulnerabilities in QRadar Suite Software and IBM Cloud Pak for Security, the most severe of which could let a remote attacker execute arbitrary code. IBM has released a fix and urges users to update their systems right away.
All about the Vulnerability
CVE-2024-28176: The Node.js jose module has a resource-exhaustion flaw in its JWE decryption interfaces. An attacker can exploit it by submitting a specially crafted JWE, causing decryption to consume excessive CPU time or memory and resulting in a denial of service. CVSS Base Score: 5.3.
CVE-2024-34064: Jinja's xmlattr filter is vulnerable to cross-site scripting because it accepts keys containing characters that are not valid in an attribute name. Where attribute names come from untrusted input, a remote attacker can inject additional attributes into the rendered page and potentially steal cookie-based authentication credentials. CVSS Base Score: 5.4.
CVE-2024-3651: The Python idna module can be made to consume excessive resources when a local user supplies a specially crafted argument to the idna.encode() function, resulting in a denial of service. CVSS Base Score: 6.2.
CVE-2024-25024: IBM QRadar Suite stores user credentials in plain text, which can be accessed by a local user. CVSS Base Score: 6.2.
CVE-2024-37168: The gRPC module for Node.js has a memory allocation flaw that can lead to a denial of service attack if exploited by sending specially crafted messages. CVSS Base Score: 5.3.
CVE-2024-30260: The Node.js undici module mishandles Authorization headers, allowing a remote authenticated attacker to obtain sensitive information. CVSS Base Score: 3.9.
CVE-2024-30261: The Node.js undici module contains a security-restriction bypass that allows tampered requests to be accepted by fetch(). CVSS Base Score: 2.6.
CVE-2024-28799: IBM QRadar Suite Software improperly displays sensitive data during back-end commands, risking information disclosure. CVSS Base Score: 5.1.
CVE-2024-39008: The fast-loops module by robinweser is vulnerable to prototype pollution, which can lead to remote code execution. CVSS Base Score: 9.8.
CVE-2024-29415: The Node.js ip module can misclassify internal addresses as public, allowing an attacker to conduct server-side request forgery (SSRF) attacks against services that rely on it to filter user-supplied destinations. CVSS Base Score: 7.5.
Affected Products and Versions
The following products and versions are affected:
- IBM Cloud Pak for Security: 1.10.0.0 to 1.10.11.0
- QRadar Suite Software: 1.10.12.0 to 1.10.23.0
Upgrade to version 1.10.24.0 or later to resolve these vulnerabilities.