Lucene search
K

80 matches found

Cvelist
Cvelist
added 2021/08/02 4:0 p.m.18 views

CVE-2021-29757

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168...

4.3CVSS8.4AI score0.00397EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/02 12:0 a.m.7 views

IBM QRadar User Behavior Analytics Cross-Site Request Forgery Vulnerability

IBM QRadar User Behavior Analytics UBA is a user behavior analysis software from IBM, USA. User activity can be analyzed to detect suspicious insiders and determine if user credentials have been stolen. Security analysts can easily view at-risk users, examine their anomalous activity, and drill...

8.8CVSS6.5AI score0.00397EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/31 12:13 a.m.20 views

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM performs improper CSRF checking for some components ( CVE-2021-29757)

Summary User Behavior Analytics application add on to IBM QRadar SIEM performs improper CSRF checking for some components. Vulnerability Details CVEID: CVE-2021-29757 DESCRIPTION: IBM QRadar User Behavior Analytics is vulnerable to cross-site request forgery which could allow an attacker to execu...

8.8CVSS1.6AI score0.00397EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2021/07/07 12:53 p.m.30 views

[Whitepaper] XDR vs. NDR/NTA – What do Organizations Truly Need to Stay Safe?

Security teams whose organizations are outside the Fortune 500 are faced with a dilemma. Most teams will have to choose between deploying either a network traffic analysis NTA or network detection and response NDR tool or an endpoint detection and response EDR tool to supplement their existing...

1AI score
Exploits0
CNVD
CNVD
added 2021/05/17 12:0 a.m.10 views

IBM QRadar User Behavior Analytics Information Disclosure Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

4CVSS5.9AI score0.00249EPSS
Exploits0References1
OSV
OSV
added 2021/05/14 5:15 p.m.6 views

CVE-2021-20429

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334...

5.3CVSS5.7AI score0.00822EPSS
Exploits0References2
NVD
NVD
added 2021/05/14 5:15 p.m.28 views

CVE-2021-20391

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999...

4CVSS0.00249EPSS
Exploits0References2
OSV
OSV
added 2021/05/14 5:15 p.m.7 views

CVE-2021-20392

IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

6.1CVSS6AI score0.00653EPSS
Exploits0References2
NVD
NVD
added 2021/05/14 5:15 p.m.19 views

CVE-2021-20393

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001...

7.5CVSS0.01443EPSS
Exploits0References2
NVD
NVD
added 2021/05/14 5:15 p.m.20 views

CVE-2021-20392

IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

6.1CVSS0.00653EPSS
Exploits0References2
OSV
OSV
added 2021/05/14 5:15 p.m.8 views

CVE-2021-20391

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999...

3.3CVSS5.8AI score0.00249EPSS
Exploits0References2
NVD
NVD
added 2021/05/14 5:15 p.m.16 views

CVE-2021-20429

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334...

5.3CVSS0.00822EPSS
Exploits0References2
Prion
Prion
added 2021/05/14 5:15 p.m.20 views

Cross site scripting

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334...

5CVSS4.9AI score0.00822EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/14 5:15 p.m.18 views

Information disclosure

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001...

5CVSS6.9AI score0.01443EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/14 5:15 p.m.22 views

Code injection

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999...

2.1CVSS3.3AI score0.00249EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/14 5:15 p.m.15 views

Cross site scripting

IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

4.3CVSS5.8AI score0.00653EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/05/14 4:15 p.m.38 views

CVE-2021-20429

CVE-2021-20429 affects IBM QRadar User Behavior Analytics add-on for QRadar SIEM (versions 1.0.0–4.1.0). The root cause is an overly permissive cross-domain policy (CORS) that can disclose sensitive information. IBM’s bulletin cites CVSSv3.0 base score 3.7 and recommends upgrading to version 4.1....

5.3CVSS4.9AI score0.00822EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 4:15 p.m.18 views

CVE-2021-20429

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334...

3.7CVSS5.1AI score0.00822EPSS
Exploits0References2
CVE
CVE
added 2021/05/14 4:15 p.m.39 views

CVE-2021-20393

CVE-2021-20393 affects IBM QRadar User Behavior Analytics (UBA) add-on for QRadar SIEM, versions 1.0.0–4.1.0 . The underlying issue is an information disclosure vulnerability where a detailed technical error message returned in the browser can reveal sensitive data, potentially enabling further a...

7.5CVSS7AI score0.01443EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 4:15 p.m.23 views

CVE-2021-20393

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001...

5.3CVSS7AI score0.01443EPSS
Exploits0References2
Rows per page
Query Builder