Medium Severity

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (XSS) (CVE-2022-22345)

May 10, 2022

Share this post:

IBM QRadar SIEM is vulnerable to cross site scripting (XSS). IBM QRadar SIEM has addressed the applicable CVEs.

CVE(s): CVE-2022-22320

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM QRadar SIEM	7.4
IBM QRadar SIEM	7.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6584451
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218367

Medium Severity

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to string injection vulnerability due to Node.js (CVE-2021-44532, CVE-2021-44532 )

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Apr 2022 – Includes Oracle April 2022 CPU (minus CVE-2022-21426)affects IBM Security Verify Governance, Identity Manager virtual appliance component

August 17, 2022 | Medium Severity

IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the applicable CVE. ...read more

Security Bulletin: Samba for IBM i is vulnerable to attacker obtaining sensitive information due to a memory leak with SMB1 requests (CVE-2022-32742)

August 17, 2022 | Medium Severity

Samba for IBM i is vulnerable to an attacker obtaining sensitive information due to a memory leak handling SMB1 requests as described in the vulnerability details section. IBM i has addressed the vulnerability in Samba with a fix as described in the remediation/fixes section. ...read more

Security Bulletin: A security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-21496)

August 16, 2022 | Medium Severity

IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability. ...read more

Medium Severity

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (XSS) (CVE-2022-22345)

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to string injection vulnerability due to Node.js (CVE-2021-44532, CVE-2021-44532 )

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Apr 2022 – Includes Oracle April 2022 CPU (minus CVE-2022-21426)affects IBM Security Verify Governance, Identity Manager virtual appliance component

August 17, 2022 | Medium Severity

Security Bulletin: Samba for IBM i is vulnerable to attacker obtaining sensitive information due to a memory leak with SMB1 requests (CVE-2022-32742)

August 17, 2022 | Medium Severity

Security Bulletin: A security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-21496)

August 16, 2022 | Medium Severity