Ibm: >> Qradar Security Information And Event Manager Security Vulnerabilities
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-06-19
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-02-14
IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-01-28
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
6.4
EPSS Score
0.001
Published
2024-12-07
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-05-14
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-04-11
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-03-27
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-03-27
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709.
CVSS Score
3.7
EPSS Score
0.001
Published
2024-01-17
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. IBM X-Force ID: 270372.
CVSS Score
4.9
EPSS Score
0.0
Published
2023-12-19