CVE-2023-43057: 
IBM QRadar SIEM vulnerability analysis and mitigation

IBM QRadar SIEM 7.5.0 was identified with a cross-site scripting vulnerability (CVE-2023-43057), discovered in November 2023. This vulnerability affects versions from 7.5.0 through versions prior to 7.5.0 UP7 IF02. The vulnerability was reported by security researchers Dominik Baucke and Gerbert Roitburd from usd AG (IBM Advisory).

The vulnerability allows users to embed arbitrary JavaScript code in the Web UI, which can alter the intended functionality of the application. The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. This indicates that the vulnerability requires network access, low attack complexity, low privileges, and user interaction to exploit (NVD).

The primary impact of this vulnerability is the potential disclosure of credentials within a trusted session. The cross-site scripting vulnerability could allow attackers to steal user session information and potentially gain unauthorized access to the system (IBM Advisory).

IBM has released a fix for this vulnerability in version 7.5.0 UP7 IF02. Organizations are strongly encouraged to update their systems promptly to this version. No temporary workarounds have been identified for this vulnerability (IBM Advisory).