Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-50950 |
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709. Published: January 17, 2024; 12:15:11 PM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-47146 |
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. IBM X-Force ID: 270372. Published: December 19, 2023; 5:15:07 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-43057 |
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 267484. Published: November 11, 2023; 11:15:31 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-43041 |
IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808. Published: October 28, 2023; 9:15:41 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2023-40367 |
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 263376. Published: October 14, 2023; 1:15:09 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-30994 |
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138 Published: October 14, 2023; 1:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-26276 |
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 248147. Published: June 27, 2023; 2:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-26274 |
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144. Published: June 27, 2023; 2:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-26273 |
IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 248134. Published: June 27, 2023; 2:15:12 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-34352 |
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403. Published: June 27, 2023; 2:15:11 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-43863 |
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425. Published: March 22, 2023; 6:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2022-34351 |
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. Published: February 17, 2023; 2:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-30613 |
IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. Published: October 07, 2022; 1:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-22480 |
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. Published: October 07, 2022; 1:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2021-39088 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. Published: July 28, 2022; 7:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-22424 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. Published: July 20, 2022; 2:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2021-38936 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893. Published: July 20, 2022; 2:15:08 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2021-29755 |
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. Published: July 20, 2022; 2:15:08 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |