cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45100,https://securityvulnerability.io/vulnerability/CVE-2024-45100,Denial of Service in IBM Security ReaQta Affecting Privileged Users,"IBM Security ReaQta 3.12 is susceptible to a denial of service attack when a privileged user sends multiple administrative requests. This vulnerability arises from the improper allocation of resources within the software, potentially leading to service interruptions and an impaired ability to manage security functions effectively.",IBM,Security Qradar Edr,4.9,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2025-01-07T12:22:53.822Z,0
CVE-2024-45640,https://securityvulnerability.io/vulnerability/CVE-2024-45640,Sensitive Information Exposure in IBM Security ReaQta,The IBM Security ReaQta 3.12 has a vulnerability that allows it to return sensitive information within its HTTP response. This exposure can be leveraged by attackers to gain unauthorized access or perform further malicious actions against the system.,IBM,Security Qradar Edr,5.3,MEDIUM,0.0004600000102072954,false,false,false,false,false,false,false,2025-01-07T12:22:04.843Z,0
CVE-2024-45642,https://securityvulnerability.io/vulnerability/CVE-2024-45642,ReaQta 3.12 Vulnerable to Cross-Site Scripting,IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM Security,Security Qradar Edr,5.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-11-14T12:15:00.000Z,0
CVE-2024-45099,https://securityvulnerability.io/vulnerability/CVE-2024-45099,ReaQta 3.12 Vulnerable to Cross-Site Scripting,IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM Security,Security Qradar Edr,4.8,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-11-14T12:15:00.000Z,0
CVE-2023-33860,https://securityvulnerability.io/vulnerability/CVE-2023-33860,QRadar EDR vulnerability exposes authorization tokens and session cookies,"IBM Security QRadar EDR 3.12 has a vulnerability related to the insufficient security of authorization tokens and session cookies. The software fails to set the secure attribute on these tokens, which could lead to potential interception by attackers. By crafting deceptive links or embedding malicious scripts in trusted sites, attackers can lure users into visiting the unsafe URLs. If a user clicks on such a link, their session cookies may be sent over unencrypted channels, allowing attackers to capture sensitive cookie values through network snooping. Organizations using QRadar EDR should take appropriate measures to secure against this vulnerability to protect user sessions and sensitive data.",IBM,Security Qradar Edr,5.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-07-10T15:28:42.347Z,0
CVE-2023-33859,https://securityvulnerability.io/vulnerability/CVE-2023-33859,IBM QRadar EDR 3.12 Vulnerability Could Leak Sensitive Data,"IBM Security QRadar EDR 3.12 is susceptible to a vulnerability that may result in the disclosure of sensitive information. This issue arises due to discrepancies in the observable login response, which could potentially be leveraged by an attacker to gain unauthorized access to sensitive data. Proper mitigation steps and monitoring are recommended to safeguard against this information leakage.",IBM,Security Qradar Edr,5.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-07-10T15:26:49.293Z,0
CVE-2023-35006,https://securityvulnerability.io/vulnerability/CVE-2023-35006,IBM QRadar EDR Vulnerable to HTML Injection,"IBM Security QRadar EDR 3.12 is affected by a vulnerability that permits HTML injection. This flaw enables a remote attacker to sneak malicious HTML code into the web interface. When this compromised code is rendered in the browser of a user with access to the hosting site, it executes under the site's security context, potentially leading to unauthorized actions or data exposure. The vulnerability raises significant concerns regarding web application security, as it could facilitate a range of malicious activities if not properly mitigated. For more details on the potential implications and security measures, visit the official IBM advisory and vulnerability database.",IBM,Security Qradar Edr,5.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-07-10T15:23:14.151Z,0