Ibm

Qradar Security Information And Event Manager

185 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.7

CVE-2024-56464

  • EPSS -
  • Veröffentlicht 09.12.2025 13:26:15
  • Zuletzt bearbeitet 09.12.2025 18:37:13

IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involving exposure of directory information. IBM has addressed this vulnerability in the latest update.

6.5

CVE-2025-33119

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 12.11.2025 21:19:55
  • Zuletzt bearbeitet 14.11.2025 16:42:30

IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

5.4

CVE-2025-36138

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 27.10.2025 18:47:11
  • Zuletzt bearbeitet 03.11.2025 19:06:18

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit...

5.4

CVE-2025-36170

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 27.10.2025 18:46:38
  • Zuletzt bearbeitet 03.11.2025 18:52:14

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit...

7.8

CVE-2025-36007

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 27.10.2025 18:40:16
  • Zuletzt bearbeitet 03.11.2025 19:12:52

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.

2.3

CVE-2025-0164

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 14.09.2025 13:15:31
  • Zuletzt bearbeitet 20.09.2025 02:54:49

IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.

5.4

CVE-2025-36042

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 22.08.2025 14:55:01
  • Zuletzt bearbeitet 15.09.2025 19:53:14

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

7.8

CVE-2025-33120

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 22.08.2025 14:54:02
  • Zuletzt bearbeitet 15.09.2025 19:53:47

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

5.4

CVE-2025-33118

  • EPSS 0.05%
  • Veröffentlicht 01.08.2025 17:21:16
  • Zuletzt bearbeitet 14.08.2025 18:49:42

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

5.4

CVE-2025-33097

  • EPSS 0.05%
  • Veröffentlicht 15.07.2025 14:29:54
  • Zuletzt bearbeitet 07.08.2025 00:46:30

IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent...