CVE-2023-40550 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-40550 PUBLISHED CVSS 8.699999809265137 HIGH

In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese Fehler besteht in rhboot-Shim aufgrund eines Out-of-Bound-Lesefehlers in der Funktion verify_buffer_sbat(). Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

EPSS 0.02% · 6.5th percentile

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.02%

6.5th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux
Oracle	Oracle Linux
IBM	IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
Debian	Debian Linux
IBM	IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM	IBM QRadar SIEM <7.5.0 UP8 IF03
Red Hat	Red Hat Enterprise Linux 9
SUSE	SUSE Linux
IBM	IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM	IBM Power Hardware Management Console <V10.3.1060.0 ppc
Red Hat	Red Hat Enterprise Linux 8.2

Timeline

Jan 29, 2024 CVE Published
Jan 31, 2024 EPSS Score
Feb 27, 2024 EPSS Score
Mar 25, 2024 EPSS Score
Apr 21, 2024 EPSS Score
May 18, 2024 EPSS Score
Jun 14, 2024 EPSS Score
Jul 11, 2024 EPSS Score
Aug 7, 2024 EPSS Score
Sep 3, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 27, 2024 EPSS Score

References

…and 13 more

Open in Interactive Console →