CVE-2023-26279: 
IBM WinCollect vulnerability analysis and mitigation

IBM QRadar WinCollect Agent versions 10.0 through 10.1.7 contains a vulnerability that could allow a local user to perform unauthorized actions due to improper encoding. The vulnerability was assigned CVE-2023-26279 and was disclosed on November 23, 2023 (NVD, IBM Support).

The vulnerability is classified as CWE-116 (Improper Encoding or Escaping of Output). It has received a CVSS v3.1 base score of 7.8 (HIGH) from NIST with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while IBM Corporation assigned a lower CVSS score of 3.3 (LOW) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (NVD).

The vulnerability could allow a local user with limited privileges to perform unauthorized actions on the affected system. The impact primarily affects the integrity of the system, with no direct impact on confidentiality or availability according to IBM's assessment (IBM Support).

IBM recommends customers upgrade their systems to WinCollect standalone agent version 10.1.8. Detailed upgrade instructions are available in the WinCollect 10.1.8 release notes. No temporary workarounds are available for this vulnerability (IBM Support).