QRadar SIEM
by IBM
CVEs (197)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-33118 | 0.00 | — | 0.00 | Aug 1, 2025 | IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure… | |||
| CVE-2025-33097 | 0.00 | — | 0.00 | Jul 15, 2025 | IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a… | |||
| CVE-2025-33117 | 0.00 | — | 0.00 | Jun 19, 2025 | IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands. | |||
| CVE-2025-33121 | 0.00 | — | 0.00 | Jun 19, 2025 | IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. | |||
| CVE-2025-36050 | 0.00 | — | 0.00 | Jun 19, 2025 | IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user. | |||
| CVE-2024-45638 | 0.00 | — | 0.00 | Mar 14, 2025 | IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user. | |||
| CVE-2024-45643 | 0.00 | — | 0.00 | Mar 14, 2025 | IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information. | |||
| CVE-2024-56463 | 0.00 | — | 0.00 | Feb 14, 2025 | IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||
| CVE-2024-28786 | 0.00 | — | 0.00 | Jan 27, 2025 | IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. | |||
| CVE-2024-47107 | 0.00 | — | 0.00 | Dec 7, 2024 | IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||
| CVE-2024-27269 | 0.00 | — | 0.00 | May 10, 2024 | IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575. | |||
| CVE-2023-50949 | 0.00 | — | 0.00 | Apr 11, 2024 | IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706. | |||
| CVE-2023-50961 | 0.00 | — | 0.00 | Mar 27, 2024 | IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: … | |||
| CVE-2024-28784 | 0.00 | — | 0.00 | Mar 27, 2024 | IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893. | |||
| CVE-2015-4930 | 0.00 | — | 0.02 | Oct 4, 2015 | IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges by leveraging admin access. | |||
| CVE-2015-2016 | 0.00 | — | 0.02 | Oct 4, 2015 | Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unknown vectors. | |||
| CVE-2015-2011 | 0.00 | — | 0.02 | Oct 4, 2015 | The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | |||
| CVE-2014-6075 | 0.00 | — | 0.01 | Nov 28, 2014 | IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server… | |||
| CVE-2014-4832 | 0.00 | — | 0.01 | Nov 28, 2014 | IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session. | |||
| CVE-2014-4831 | 0.00 | — | 0.01 | Nov 28, 2014 | IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors. |
- CVE-2025-33118Aug 1, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…
- CVE-2025-33097Jul 15, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a…
- CVE-2025-33117Jun 19, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.
- CVE-2025-33121Jun 19, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
- CVE-2025-36050Jun 19, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.
- CVE-2024-45638Mar 14, 2025risk 0.00cvss —epss 0.00
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
- CVE-2024-45643Mar 14, 2025risk 0.00cvss —epss 0.00
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
- CVE-2024-56463Feb 14, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
- CVE-2024-28786Jan 27, 2025risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.
- CVE-2024-47107Dec 7, 2024risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
- CVE-2024-27269May 10, 2024risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.
- CVE-2023-50949Apr 11, 2024risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706.
- CVE-2023-50961Mar 27, 2024risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: …
- CVE-2024-28784Mar 27, 2024risk 0.00cvss —epss 0.00
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.
- CVE-2015-4930Oct 4, 2015risk 0.00cvss —epss 0.02
IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges by leveraging admin access.
- CVE-2015-2016Oct 4, 2015risk 0.00cvss —epss 0.02
Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unknown vectors.
- CVE-2015-2011Oct 4, 2015risk 0.00cvss —epss 0.02
The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.
- CVE-2014-6075Nov 28, 2014risk 0.00cvss —epss 0.01
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server…
- CVE-2014-4832Nov 28, 2014risk 0.00cvss —epss 0.01
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
- CVE-2014-4831Nov 28, 2014risk 0.00cvss —epss 0.01
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.
Page 9 of 10