VDB
CVE-2022-40153
CVE-2022-40153
PUBLISHED
CVSS 8.699999809265137 HIGH
In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
EPSS 0.88% · 27.0th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.88%
27.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Business Automation Workflow traditional 21.0.3.1 | |
| IBM | IBM QRadar SIEM 7.5 | |
| IBM | IBM Business Automation Workflow traditional 19.0.0.3 | |
| Oracle | Oracle Fusion Middleware 12.2.1.4.0 | |
| Dell | Dell NetWorker | |
| IBM | IBM SPSS Collaboration and Deployment Services | |
| IBM | IBM Business Automation Workflow traditional 22.0.1 | |
| Dell | Dell ECS <3.8.1.0 | |
| IBM | IBM Business Automation Workflow traditional 21.0.2 | |
| IBM | IBM Business Automation Workflow traditional 20.0.0.2 | |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat Enterprise Linux Integration Camel Extensions for Quarkus | |
| Oracle | Oracle Fusion Middleware 8.5.6 | |
| Oracle | Oracle Fusion Middleware 5.9.0.0.0 | |
| Oracle | Oracle Fusion Middleware 14.1.1.0.0 | |
| Oracle | Oracle Fusion Middleware 6.4.0.0.0 | |
| Oracle | Oracle Fusion Middleware 12.2.1.3.0 | |
| IBM | IBM InfoSphere Information Server 11.7 | |
| Dell | Dell PowerEdge | |
| IBM | IBM Business Automation Workflow traditional 20.0.0.1 |
…and 1 more
Exploit Intelligence
- https://www.cisa.gov/news-events/alerts/2023/05/01/cisa-adds-three-known-exploited-vulnerabilities-catalog (certbund)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- CVE-2022-2588.yara (github-yara)
- CVE-2022-2588.yara (github-yara)
- CVE-2022-2588.yara (github-yara)
…and 15 more exploits
Timeline
- Sep 17, 2022 EPSS Score
- Sep 19, 2022 EPSS Score
- Sep 22, 2022 EPSS Score
- Sep 24, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Sep 29, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Oct 4, 2022 EPSS Score
- Oct 6, 2022 EPSS Score
- Oct 8, 2022 EPSS Score
- Oct 11, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2264.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2264 advisory
- https://change.sos-berlin.com/browse/JOC-1400?src=confmacro advisory
- https://change.sos-berlin.com/browse/JOC-1435?src=confmacro advisory
- https://change.sos-berlin.com/browse/JOC-1442?src=confmacro advisory
- https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+1.13.17 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0132.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0132 advisory
- https://www.cisa.gov/news-events/alerts/2023/05/01/cisa-adds-three-known-exploited-vulnerabilities-catalog exploit
- https://www.oracle.com/security-alerts/cpujan2023.html#AppendixFMW advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0209.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0209 advisory
- https://access.redhat.com/errata/RHSA-2023:0469 advisory
- https://access.redhat.com/errata/RHSA-2023:0544 advisory
- https://access.redhat.com/errata/RHSA-2023:3815 advisory
- https://www.dell.com/support/kbdoc/000220649/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220669/dsa-2023-= advisory
- https://access.redhat.com/errata/RHSA-2025:4226 advisory
- https://www.ibm.com/support/pages/node/7245569 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json advisory
…and 19 more