Product:

Qradar_security_information_and_event_manager

(Ibm)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 165
Date Id Summary Products Score Patch Annotated
2022-04-27 CVE-2021-38869 IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341. Qradar_security_information_and_event_manager 9.8
2022-04-27 CVE-2021-38874 IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397. Qradar_security_information_and_event_manager 4.3
2022-04-27 CVE-2021-38878 IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756. Qradar_security_information_and_event_manager 7.5
2022-04-27 CVE-2021-38919 IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021 Qradar_security_information_and_event_manager 7.5
2022-04-27 CVE-2021-38939 IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037. Qradar_security_information_and_event_manager 5.3
2022-04-27 CVE-2022-22345 IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220041. Qradar_security_information_and_event_manager 4.8
2022-05-11 CVE-2022-22320 IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367. Qradar_security_information_and_event_manager 4.8
2022-07-12 CVE-2021-39041 IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. Qradar_security_information_and_event_manager 5.3
2022-07-20 CVE-2021-38936 IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893. Qradar_security_information_and_event_manager 4.9
2022-07-20 CVE-2021-29755 IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. Qradar_security_information_and_event_manager 7.5