Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Qradar_security_information_and_event_manager
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 165 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-12 | CVE-2021-39041 | IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. | Qradar_security_information_and_event_manager | 5.3 | ||
| 2021-07-16 | CVE-2020-4980 | IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539. | Qradar_security_information_and_event_manager | 6.5 | ||
| 2021-07-26 | CVE-2021-20337 | IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448. | Qradar_security_information_and_event_manager | 7.5 | ||
| 2021-08-13 | CVE-2021-29880 | IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain. IBM X-Force ID: 206979. | Qradar_security_information_and_event_manager | 6.5 | ||
| 2022-04-27 | CVE-2021-29776 | IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of that user. IBM X-Force ID: 203030. | Qradar_security_information_and_event_manager | 4.3 | ||
| 2022-04-27 | CVE-2021-38874 | IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397. | Qradar_security_information_and_event_manager | 4.3 | ||
| 2022-04-27 | CVE-2021-38919 | IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021 | Qradar_security_information_and_event_manager | 7.5 | ||
| 2020-04-15 | CVE-2020-4269 | IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845. | Qradar_security_information_and_event_manager | 7.5 | ||
| 2020-04-15 | CVE-2020-4270 | IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846. | Qradar_security_information_and_event_manager | 7.8 | ||
| 2020-04-15 | CVE-2020-4274 | IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks. IBM X-ForceID: 175980. | Qradar_security_information_and_event_manager | 5.4 |