CVE-2024-56464
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-15
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | qradar_siem | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-548 | The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection methods or commands provided to identify this vulnerability on your network or system. IBM recommends applying the update QRadar 7.5.0 UP14 IF02 to address the issue, and no workarounds or mitigations are available. [1]
Can you explain this vulnerability to me?
This vulnerability in IBM QRadar SIEM versions 7.5 to 7.5.0 UP14 IF01 involves information disclosure due to exposure of directory information. It means that sensitive directory data could be accessed by unauthorized users.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of directory information, potentially exposing sensitive data. However, the impact is limited to confidentiality as it does not affect integrity or availability.
What immediate steps should I take to mitigate this vulnerability?
Apply the latest update provided by IBM for QRadar SIEM 7.5 - 7.5.0 UP14 IF01, as IBM has addressed this vulnerability in that update.