CVE-2024-22355

Summary

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781.

Affected Software

VendorProductVersion RangeStatus
IBMQRadar Suite Products1.10.12.0 <= 1.10.18.0affected
IBMCloud Pak for Security1.10.0.0 <= 1.10.11.0affected

Weaknesses

  • CWE-521: CWE-521 Weak Password Requirements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References