CVE-2016-9750
Description
IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2016-9750: IBM QRadar 7.2.x and 7.3.x store user credentials in plaintext, allowing authenticated users with file system access to read them.
Vulnerability
IBM QRadar SIEM versions 7.2.x and 7.3.x store user credentials in plain, clear text [1]. The vulnerability resides in the credential storage mechanism. An attacker must first be an authenticated user with file system access to exploit this issue [1].
Exploitation
An authenticated user with access to the QRadar file system can read stored credentials in plaintext [1]. The attack requires network access (AV:N) but high complexity (AC:H) and low privileges (PR:L) with no user interaction (UI:N) [1]. The attacker does not need to be on the same network segment; remote access over the network is sufficient [1].
Impact
Successful exploitation results in high confidentiality impact: the attacker obtains plaintext user or system passwords [1]. This can lead to privilege escalation or unauthorized access to other systems that QRadar integrates with [1].
Mitigation
No workarounds or mitigations are documented in the reference [1]. IBM has not released a security patch to address this issue in the referenced advisory. Affected administrators should monitor IBM's support portal for future updates and restrict file system access to trusted users only, as per the security advisory.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- IBM Corporation/QRadar SIEMv5Range: 7.2, 7.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.