Lucene search

Qradar Wincollect Security Vulnerabilities - 2023

cve

CVE-2021-39008

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.

4.9CVSS

4.6AI Score

0.0005EPSS

2023-11-23 11:15 PM

cve

CVE-2023-26277

IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-05-31 07:15 PM

cve

CVE-2023-26278

IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158.

8.2CVSS

7.3AI Score

0.0004EPSS

2023-05-31 08:15 PM

cve

CVE-2023-26279

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160.

7.8CVSS

7.1AI Score

0.0004EPSS

2023-11-24 12:15 AM

cve

CVE-2023-38736

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.

7.8CVSS

7.7AI Score

0.0004EPSS

2023-09-08 07:15 PM