QRadar WinCollect Agent
by IBM
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-51461 | 0.00 | — | 0.00 | Apr 11, 2025 | IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources. | |||
| CVE-2024-51462 | 0.00 | — | 0.00 | Jan 17, 2025 | IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data. | |||
| CVE-2022-43880 | 0.00 | — | 0.00 | Mar 3, 2024 | IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151. | |||
| CVE-2023-26279 | 0.00 | — | 0.00 | Nov 23, 2023 | IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160. | |||
| CVE-2021-39008 | 0.00 | — | 0.00 | Nov 23, 2023 | IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551. | |||
| CVE-2023-38736 | 0.00 | — | 0.00 | Sep 8, 2023 | IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542. | |||
| CVE-2023-26278 | 0.00 | — | 0.00 | May 31, 2023 | IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158. | |||
| CVE-2023-26277 | 0.00 | — | 0.00 | May 31, 2023 | IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156. | |||
| CVE-2021-39006 | 0.00 | — | 0.00 | Jun 21, 2022 | IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549. | |||
| CVE-2020-4486 | 0.00 | — | 0.00 | Aug 11, 2020 | IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861. | |||
| CVE-2020-4485 | 0.00 | — | 0.00 | Aug 11, 2020 | IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks. IBM X-Force ID: 181860. |
- CVE-2024-51461Apr 11, 2025risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources.
- CVE-2024-51462Jan 17, 2025risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data.
- CVE-2022-43880Mar 3, 2024risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151.
- CVE-2023-26279Nov 23, 2023risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160.
- CVE-2021-39008Nov 23, 2023risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.
- CVE-2023-38736Sep 8, 2023risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.
- CVE-2023-26278May 31, 2023risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158.
- CVE-2023-26277May 31, 2023risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156.
- CVE-2021-39006Jun 21, 2022risk 0.00cvss —epss 0.00
IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549.
- CVE-2020-4486Aug 11, 2020risk 0.00cvss —epss 0.00
IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861.
- CVE-2020-4485Aug 11, 2020risk 0.00cvss —epss 0.00
IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks. IBM X-Force ID: 181860.