CVE-2022-43880: 
IBM WinCollect vulnerability analysis and mitigation

IBM QRadar WinCollect Agent versions 10.0 through 10.1.2 contains a vulnerability that could allow a privileged user to cause a denial of service. The vulnerability was assigned CVE-2022-43880 and IBM X-Force ID: 240151. The issue was publicly disclosed and patched in April 2023 (IBM Security).

The vulnerability has been assigned a CVSS 3.0 Base Score of 4.4 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability requires local access, low attack complexity, and high privileges to exploit. While it doesn't impact confidentiality or integrity, it can have a high impact on availability (X-Force Exchange).

The successful exploitation of this vulnerability could allow a privileged attacker to cause a denial of service condition in the affected IBM QRadar WinCollect Agent installations. The impact is limited to availability with no effect on system confidentiality or integrity (IBM Security).

IBM recommends customers upgrade their systems to WinCollect standalone agent version 10.1.3. The upgrade is available for both 32-bit and 64-bit systems and for QRadar versions 7.4 and 7.5. Detailed upgrade instructions are available in the WinCollect 10.1.3 release notes. No workarounds are available for this vulnerability (IBM Security).