Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2023-33860
- EPSS 0.04%
- Published 10.07.2024 16:15:03
- Last modified 19.05.2025 16:15:24
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The coo...
5.4
CVE-2023-35006
- EPSS 0.06%
- Published 10.07.2024 16:15:03
- Last modified 15.09.2025 20:15:34
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
5.3
CVE-2023-33859
- EPSS 0.09%
- Published 10.07.2024 16:15:02
- Last modified 21.11.2024 08:06:05
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.