VDB
CVE-2022-24823
CVE-2022-24823
PUBLISHED
CVSS 8.699999809265137 HIGH
In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
EPSS 0.40% · 61.2th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.40%
61.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Communications 22.1.0 | |
| Oracle | Oracle Communications 22.3.0 | |
| IBM | IBM Tivoli Network Manager 4.2.0 | |
| Oracle | Oracle Communications 22.2.3 | |
| Oracle | Oracle Communications 22.2.2 | |
| Atlassian | Atlassian Bitbucket <9.4.13 (LTS) | |
| JFrog | JFrog Artifactory <7.46.3 | |
| Fedora | Fedora Linux | |
| Dell | Dell PowerEdge | |
| Hitachi | Hitachi Ops Center | |
| Oracle | Oracle Communications 22.1.0.0.0 | |
| IBM | IBM QRadar SIEM 7.5 | |
| IBM | IBM Tivoli Network Manager <= 4.2.0.15 | |
| Oracle | Oracle Communications 8.0.0 | |
| IBM | IBM Security Guardium 11.3 | |
| Dell | Dell ECS <3.8.1.0 | |
| Atlassian | Atlassian Bitbucket <10.0.2 | |
| Oracle | Oracle Communications 22.1.1 | |
| Oracle | Oracle Financial Services Applications 2.6.2 | |
| Oracle | Oracle Communications <=22.4.0 |
…and 35 more
Exploit Intelligence
Timeline
- May 6, 2022 CVE Published
- May 7, 2022 EPSS Score
- May 10, 2022 CVE Updated
- Jun 25, 2022 EPSS Score
- Aug 15, 2022 EPSS Score
- Oct 3, 2022 EPSS Score
- Nov 22, 2022 EPSS Score
- Feb 28, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 19, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
- Jul 27, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0508.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0508 advisory
- https://www.ibm.com/support/pages/node/7030939 advisory
- https://www.ibm.com/support/pages/node/6594755 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0901.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0901 advisory
- https://access.redhat.com/errata/RHSA-2022:5892 advisory
- https://access.redhat.com/errata/RHSA-2022:5893 advisory
- https://access.redhat.com/errata/RHSA-2022:5894 advisory
- https://access.redhat.com/errata/RHSA-2022:5928 advisory
- https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities advisory
- https://access.redhat.com/errata/RHSA-2022:6819 advisory
- https://access.redhat.com/errata/RHSA-2022:6916 advisory
- https://access.redhat.com/errata/RHSA-2022:8524 advisory
- https://access.redhat.com/errata/RHSA-2022:8652 advisory
- https://access.redhat.com/errata/RHSA-2023:0612 advisory
- https://access.redhat.com/errata/RHSA-2025:1747 advisory
- https://access.redhat.com/errata/RHSA-2025:4226 advisory
- https://access.redhat.com/errata/RHSA-2025:4437 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0027.json advisory
…and 40 more