Qradar Security Information And Event Manager Security Vulnerabilities and Issues — Qradar Security Information And Event Manager CVE List

Lucene search

IbmQradar Security Information And Event Manager

9 matches found

CVE•added 2025/02/14 5:15 p.m.•85 views

CVE-2024-56463

IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

4.8CVSS6.3AI score0.00048EPSS

CVE•added 2025/01/28 12:15 a.m.•47 views

CVE-2024-28786

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

6.5CVSS6.6AI score0.00012EPSS

CVE•added 2025/06/19 6:15 p.m.•20 views

CVE-2025-33117

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

9.1CVSS9.4AI score0.0006EPSS

CVE•added 2025/07/15 3:15 p.m.•14 views

CVE-2025-33097

IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.4CVSS5.8AI score0.00031EPSS

CVE•added 2025/08/01 6:15 p.m.•8 views

CVE-2025-33118

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

6.4CVSS5.8AI score0.00031EPSS

CVE•added 2025/08/22 3:15 p.m.•8 views

CVE-2025-33120

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

7.8CVSS6.6AI score0.00015EPSS

CVE•added 2025/06/19 6:15 p.m.•8 views

CVE-2025-33121

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

7.1CVSS7AI score0.00265EPSS

CVE•added 2025/08/22 3:15 p.m.•6 views

CVE-2025-36042

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS6AI score0.00027EPSS

CVE•added 2025/06/19 6:15 p.m.•6 views

CVE-2025-36050

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.

6.2CVSS6AI score0.00017EPSS