Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-43863 |
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425. Published: March 22, 2023; 6:15:12 PM -0400 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2022-34351 |
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. Published: February 17, 2023; 2:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-30613 |
IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. Published: October 07, 2022; 1:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-22480 |
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. Published: October 07, 2022; 1:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2021-39088 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. Published: July 28, 2022; 7:15:07 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-22424 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. Published: July 20, 2022; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2021-38936 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893. Published: July 20, 2022; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2021-29755 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. Published: July 20, 2022; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2021-29779 |
IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the server performing key exchange without entity authentication on inter-host communications using man in the middle techniques. IBM X-Force ID: 203033. Published: December 01, 2021; 12:15:07 PM -0500 |
V4.0:(not available) V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |