VYPR

QRadar User Behavior Analytics

by IBM

CVEs (6)

  • CVE-2022-36771Sep 28, 2022
    risk 0.00cvss epss 0.00

    IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.

  • CVE-2021-29757Aug 2, 2021
    risk 0.00cvss epss 0.00

    IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168.

  • CVE-2021-20429May 14, 2021
    risk 0.00cvss epss 0.01

    IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.

  • CVE-2021-20393May 14, 2021
    risk 0.00cvss epss 0.01

    IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001.

  • CVE-2021-20392May 14, 2021
    risk 0.00cvss epss 0.01

    IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2021-20391May 14, 2021
    risk 0.00cvss epss 0.00

    IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.