{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47726", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2023-11-09T11:31:22.401Z", "datePublished": "2024-06-18T13:40:39.683Z", "dateUpdated": "2024-08-02T21:16:43.641Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:qradar_suite:1.10.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.21.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "QRadar Suite Software", "vendor": "IBM", "versions": [{"lessThanOrEqual": "1.10.21.0", "status": "affected", "version": "1.10.12.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Cloud Pak for Security", "vendor": "IBM", "versions": [{"lessThanOrEqual": "1.10.21.0", "status": "affected", "version": "1.10.12.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087."}], "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1287", "description": "CWE-1287 Improper Validation of Specified Type of Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2024-06-18T13:40:39.683Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://https://www.ibm.com/support/pages/node/7157750"}, {"tags": ["vdb-entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"}], "source": {"discovery": "UNKNOWN"}, "title": "IBM QRadar Suite improper input validation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T20:31:06.948638Z", "id": "CVE-2023-47726", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T20:31:26.980Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.641Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://https://www.ibm.com/support/pages/node/7157750"}, {"tags": ["vdb-entry", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://https://www.ibm.com/support/pages/node/7157750", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087", "tags": ["vdb-entry", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.641Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47726", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-26T20:31:06.948638Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T20:31:23.932Z"}}], "cna": {"title": "IBM QRadar Suite improper input validation", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:qradar_suite:1.10.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.21.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "QRadar Suite Software", "versions": [{"status": "affected", "version": "1.10.12.0", "versionType": "semver", "lessThanOrEqual": "1.10.21.0"}], "defaultStatus": "unaffected"}, {"vendor": "IBM", "product": "Cloud Pak for Security", "versions": [{"status": "affected", "version": "1.10.12.0", "versionType": "semver", "lessThanOrEqual": "1.10.21.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://https://www.ibm.com/support/pages/node/7157750", "tags": ["vendor-advisory"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.", "supportingMedia": [{"type": "text/html", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1287", "description": "CWE-1287 Improper Validation of Specified Type of Input"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2024-06-18T13:40:39.683Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47726", "state": "PUBLISHED", "dateUpdated": "2024-08-02T21:16:43.641Z", "dateReserved": "2023-11-09T11:31:22.401Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2024-06-18T13:40:39.683Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087."}, {"lang": "es", "value": "IBM QRadar Suite Software 1.10.12.0 a 1.10.21.0 e IBM Cloud Pak for Security 1.10.12.0 a 1.10.21.0 podr\u00edan permitir que un usuario autenticado ejecute ciertos comandos arbitrarios debido a una validaci\u00f3n de entrada incorrecta. ID de IBM X-Force: 272087."}], "id": "CVE-2023-47726", "lastModified": "2024-06-20T12:44:01.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "psirt@us.ibm.com", "type": "Secondary"}]}, "published": "2024-06-18T14:15:10.317", "references": [{"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"}, {"source": "psirt@us.ibm.com", "url": "https://https://www.ibm.com/support/pages/node/7157750"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1287"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}