Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Qradar Security Information And Event Manager  Security Vulnerabilities
CVE-2022-22320
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-05-11
CVE-2021-38869
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341.
CVSS Score
4.3
EPSS Score
0.004
Published
2022-04-27
CVE-2021-38874
IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-04-27
CVE-2021-38878
IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-04-27
CVE-2021-38919
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021
CVSS Score
5.9
EPSS Score
0.003
Published
2022-04-27
CVE-2021-38939
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037.
CVSS Score
3.7
EPSS Score
0.002
Published
2022-04-27
CVE-2022-22345
IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220041.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-04-27
CVE-2021-29776
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of that user. IBM X-Force ID: 203030.
CVSS Score
3.1
EPSS Score
0.002
Published
2022-04-27
CVE-2021-20400
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-12-01
CVE-2021-29779
IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the server performing key exchange without entity authentication on inter-host communications using man in the middle techniques. IBM X-Force ID: 203033.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-12-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved