CVE-2022-36771
- EPSS 0.12%
- Veröffentlicht 28.09.2022 16:15:12
- Zuletzt bearbeitet 21.05.2025 15:15:57
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.
CVE-2021-29757
- EPSS 0.11%
- Veröffentlicht 02.08.2021 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:01:45
IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168.
CVE-2021-20391
- EPSS 0.04%
- Veröffentlicht 14.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 05:46:30
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.
CVE-2021-20392
- EPSS 0.13%
- Veröffentlicht 14.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 05:46:30
IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
CVE-2021-20393
- EPSS 0.15%
- Veröffentlicht 14.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 05:46:30
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the sys...
CVE-2021-20429
- EPSS 0.14%
- Veröffentlicht 14.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 05:46:34
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.