2 matches found
CVE-2025-36377
CVE-2025-36377 affects IBM Security QRadar EDR versions 3.12–3.12.23, where sessions are not invalidated after expiration, allowing an authenticated user to impersonate another user. Connected IBM bulletin confirms remediation: upgrade to QRadar EDR 3.12.24 or later. NVD notes CVSS v3.1 vector wi...
CVE-2023-33859
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697...