September 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Flaws Found in Industrial Remote Access Tool Ewon Cosy+ Cause Root Access Attacks
August 13, 2024
Cobalt Strike Malware – Active IOCs
August 13, 2024
Flaws Found in Industrial Remote Access Tool Ewon Cosy+ Cause Root Access Attacks
August 13, 2024
Cobalt Strike Malware – Active IOCs
August 13, 2024
Severity
Medium
Analysis Summary
CVE-2022-38382
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another user to impersonate another user on the system and obtain sensitive information.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2022-38382
Affected Vendors
IBM
Affected Products
- IBM Cloud Pak for Security 1.10.0.0
- IBM Cloud Pak for Security 1.10.11.0
- IBM QRadar Suite Software 1.10.12.0
- IBM Cloud Pak for Security 1.10
- IBM QRadar Suite Software 1.10.23.0
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.