QRadar SIEM
by IBM
CVEs (197)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2878 | Hig | 0.52 | 8.0 | 0.00 | Nov 30, 2016 | Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | ||
| CVE-2021-39088 | Hig | 0.51 | 7.8 | 0.00 | Jul 28, 2022 | IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. | ||
| CVE-2021-20401 | Hig | 0.51 | 7.8 | 0.00 | May 5, 2021 | IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075. | ||
| CVE-2020-4932 | Hig | 0.51 | 7.8 | 0.00 | May 5, 2021 | IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748. | ||
| CVE-2020-4270 | Hig | 0.51 | 7.8 | 0.00 | Apr 15, 2020 | IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846. | ||
| CVE-2019-4508 | Hig | 0.51 | 7.8 | 0.00 | Jan 10, 2020 | IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM X-Force ID: 164429. | ||
| CVE-2016-2880 | Hig | 0.51 | 7.8 | 0.00 | Mar 1, 2017 | IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference #: 1997340. | ||
| CVE-2016-2879 | Hig | 0.51 | 7.8 | 0.00 | Mar 1, 2017 | IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341. | ||
| CVE-2016-2871 | Hig | 0.51 | 7.8 | 0.00 | Nov 30, 2016 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file. | ||
| CVE-2020-4509 | Hig | 0.50 | 7.6 | 0.02 | Jun 4, 2020 | IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182364. | ||
| CVE-2022-22480 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2022 | IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. | ||
| CVE-2021-29755 | Hig | 0.49 | 7.5 | 0.00 | Jul 20, 2022 | IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. | ||
| CVE-2021-38919 | Hig | 0.49 | 7.5 | 0.01 | Apr 27, 2022 | IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021 | ||
| CVE-2021-38878 | Hig | 0.49 | 7.5 | 0.01 | Apr 27, 2022 | IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756. | ||
| CVE-2021-20400 | Hig | 0.49 | 7.5 | 0.01 | Dec 1, 2021 | IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074. | ||
| CVE-2021-29750 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2021 | IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778. | ||
| CVE-2021-20337 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2021 | IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448. | ||
| CVE-2021-20380 | Hig | 0.49 | 7.5 | 0.01 | Jun 3, 2021 | IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 195712. | ||
| CVE-2021-20393 | Hig | 0.49 | 7.5 | 0.01 | May 14, 2021 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001. | ||
| CVE-2019-4545 | Hig | 0.49 | 7.5 | 0.02 | Oct 8, 2020 | IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID: 165877. |
- risk 0.52cvss 8.0epss 0.00
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM X-Force ID: 164429.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference #: 1997340.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341.
- risk 0.51cvss 7.8epss 0.00
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.
- risk 0.50cvss 7.6epss 0.02
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182364.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.
- risk 0.49cvss 7.5epss 0.00
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021
- risk 0.49cvss 7.5epss 0.01
IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 195712.
- risk 0.49cvss 7.5epss 0.01
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001.
- risk 0.49cvss 7.5epss 0.02
IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID: 165877.
Page 2 of 10