Qradar Security Information And Event Manager@7.5 Security Vulnerabilities and Issues — Qradar Security Information And Event Manager@7.5 CVE List

Lucene search

IbmQradar Security Information And Event Manager7.5

13 matches found

CVE•added 2024/12/07 3:15 p.m.•97 views

CVE-2024-47107

IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.4CVSS6AI score0.00037EPSS

CVE•added 2023/01/17 7:15 p.m.•82 views

CVE-2023-22875

IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356.

8.4CVSS7.5AI score0.00043EPSS

CVE•added 2024/03/27 1:15 p.m.•68 views

CVE-2024-28784

IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.

5.4CVSS5.3AI score0.00159EPSS

CVE•added 2023/10/29 1:15 a.m.•67 views

CVE-2023-43041

IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808.

6.5CVSS5.7AI score0.00064EPSS

CVE•added 2024/05/14 3:11 p.m.•67 views

CVE-2024-27269

IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.

6.8CVSS5.8AI score0.00058EPSS

CVE•added 2024/03/27 1:15 p.m.•63 views

CVE-2023-50961

IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939.

5.4CVSS4.8AI score0.00048EPSS

CVE•added 2023/03/22 10:15 p.m.•60 views

CVE-2022-43863

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425.

7.2CVSS6.8AI score0.00045EPSS

CVE•added 2022/07/28 11:15 p.m.•56 views

CVE-2021-39088

IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111.

7.8CVSS7.7AI score0.00029EPSS

CVE•added 2022/07/12 7:15 p.m.•48 views

CVE-2021-39041

IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028.

5.3CVSS4.9AI score0.00522EPSS

CVE•added 2024/04/11 5:15 p.m.•48 views

CVE-2023-50949

IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706.

8.1CVSS6.4AI score0.00075EPSS

CVE•added 2025/01/28 12:15 a.m.•45 views

CVE-2024-28786

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

6.5CVSS6.6AI score0.00011EPSS

CVE•added 2023/12/19 10:15 p.m.•34 views

CVE-2023-47146

IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. IBM X-Force ID: 270372.

6.5CVSS5.3AI score0.00046EPSS

CVE•added 2024/01/17 5:15 p.m.•27 views

CVE-2023-50950

IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709.

5.3CVSS5AI score0.00077EPSS