IBM Support

IJ28496: ATTACKER DATA FROM ANOTHER DOMAIN CAN BE VIEWED BY USERS NOT AUTHORIZED FOR THAT DOMAIN

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Users that are assigned rights to a specific domain can see
    attacker info from a domain they have not been assigned to in
    multi domain QRadar environments.
    For example:
    When viewing the top source dashboard targets, attacker data
    from a different domain can be observed.
    

Local fix

  • Contact Support for a possible workaround that might address
    this issue in some instances.
    

Problem summary

  • This issue was fixed in QRadar QRM QVM release of 7.4.2
    FixPack 2 and 7.3.3 FixPack 8.
    

Problem conclusion

  • This issue was fixed in QRadar QRM QVM release of 7.4.2
    FixPack 2 and 7.3.3 FixPack 8.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ28496

  • Reported component name

    QRADAR SOFTWARE

  • Reported component ID

    5725QRDSW

  • Reported release

    740

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-10-01

  • Closed date

    2021-01-28

  • Last modified date

    2021-05-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QRADAR SOFTWARE

  • Fixed component ID

    5725QRDSW

Applicable component levels

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"740"}]

Document Information

Modified date:
04 May 2021