cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-28786,https://securityvulnerability.io/vulnerability/CVE-2024-28786,Data Transmission Vulnerability in IBM QRadar SIEM,"IBM QRadar SIEM version 7.5 is susceptible to a vulnerability where sensitive and security-critical data is transmitted in cleartext. This flaw allows unauthorized actors to potentially intercept the data using man in the middle techniques, posing significant security risks for organizations relying on QRadar SIEM for threat detection and response.",IBM,Qradar Siem,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,false,,2025-01-28T00:15:00.000Z,0
CVE-2024-47107,https://securityvulnerability.io/vulnerability/CVE-2024-47107,IBM QRadar SIEM 7.5 vulnerable to Stored Cross-Site Scripting,IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,Qradar Siem,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-12-07T14:49:45.624Z,0
CVE-2024-27269,https://securityvulnerability.io/vulnerability/CVE-2024-27269,Potential Privileged User Configuration Vulnerability Could Disclose Sensitive Information Across Tenants,IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants.  IBM X-Force ID:  284575.,IBM,Qradar Siem,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-14T15:11:00.000Z,0
CVE-2023-50949,https://securityvulnerability.io/vulnerability/CVE-2023-50949,Unauthorized Actions Due to Certificate Validation Flaw,IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation.  IBM X-Force ID:  275706.,IBM,Qradar Siem,5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-11T16:54:41.741Z,0
CVE-2023-50961,https://securityvulnerability.io/vulnerability/CVE-2023-50961,IBM QRadar SIEM Vulnerable to Stored Cross-Site Scripting,IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  275939.,IBM,Qradar Siem,4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T12:35:40.175Z,0
CVE-2024-28784,https://securityvulnerability.io/vulnerability/CVE-2024-28784,IBM QRadar SIEM Vulnerable to Cross-Site Scripting,IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  285893.,IBM,Qradar Siem,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T12:33:45.889Z,0
CVE-2023-50950,https://securityvulnerability.io/vulnerability/CVE-2023-50950,IBM QRadar information disclosure,IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules.  IBM X-Force ID:  275709.,IBM,QRadar SIEM,5.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2024-01-17T17:08:30.053Z,0
CVE-2023-47146,https://securityvulnerability.io/vulnerability/CVE-2023-47146,IBM QRadar SIEM information disclosure,IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified.  IBM X-Force ID:  270372.,IBM,QRadar SIEM,4.9,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-12-19T22:15:00.000Z,0
CVE-2023-43057,https://securityvulnerability.io/vulnerability/CVE-2023-43057,IBM QRadar SIEM cross-site scripting,IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  267484.,IBM,IBM Qradar Siem,4.6,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-11-11T16:15:00.000Z,0
CVE-2023-43041,https://securityvulnerability.io/vulnerability/CVE-2023-43041,IBM QRadar information disclosure,IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.  This vulnerability is due to an incomplete fix for CVE-2022-34352.  IBM X-Force ID:  266808.,IBM,Qradar Siem,6.5,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-10-29T01:15:00.000Z,0
CVE-2023-30994,https://securityvulnerability.io/vulnerability/CVE-2023-30994,IBM QRadar SIEM information disclosure,IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  254138,IBM,Qradar Siem,5.4,MEDIUM,0.001069999998435378,false,,false,false,false,,,false,false,,2023-10-14T17:15:00.000Z,0
CVE-2023-40367,https://securityvulnerability.io/vulnerability/CVE-2023-40367,IBM QRadar SIEM cross-site scripting,IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  263376.,IBM,Qradar Siem,5.4,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-10-14T17:15:00.000Z,0
CVE-2023-26276,https://securityvulnerability.io/vulnerability/CVE-2023-26276,IBM QRadar information disclosure,IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  248147.,IBM,Security Qradar Siem,5.9,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2023-06-27T18:15:00.000Z,0
CVE-2023-26273,https://securityvulnerability.io/vulnerability/CVE-2023-26273,IBM QRadar security bypass,IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation.  IBM X-Force ID:  248134.,IBM,Security Qradar Siem,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-06-27T18:15:00.000Z,0
CVE-2023-26274,https://securityvulnerability.io/vulnerability/CVE-2023-26274,IBM QRadar cross-site scripting,"
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144.

",IBM,Security Qradar Siem,4.6,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2023-06-27T18:15:00.000Z,0
CVE-2022-34352,https://securityvulnerability.io/vulnerability/CVE-2022-34352,IBM QRadar information disclosure,"
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.  IBM X-Force ID:  230403.

",IBM,Security Qradar Siem,6.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2023-06-27T17:39:02.617Z,0
CVE-2022-43863,https://securityvulnerability.io/vulnerability/CVE-2022-43863,IBM QRadar SIEM privilege escalation,"IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities.  IBM X-Force ID:  239425.",IBM,Qradar Siem,6.7,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-03-22T21:25:01.880Z,0
CVE-2022-34351,https://securityvulnerability.io/vulnerability/CVE-2022-34351,IBM QRadar SIEM information disclosure,IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains.  IBM X-Force ID:  230402.,IBM,Qradar Siem,5.9,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2023-02-17T18:40:31.630Z,0
CVE-2023-22875,https://securityvulnerability.io/vulnerability/CVE-2023-22875,IBM Security QRadar SIEM information disclosure,"A key management issue has been identified in IBM QRadar SIEM 7.4 and 7.5, where certificate key files used for SSL/TLS in the web user interface are improperly transferred to managed hosts within a deployment. This could lead to potential exposure of sensitive key material on hosts that don’t require access to these keys, raising security concerns over the integrity and confidentiality of the SSL/TLS communication.",IBM,Security QRadar SIEM,7.5,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-01-17T19:15:00.000Z,0
CVE-2022-22480,https://securityvulnerability.io/vulnerability/CVE-2022-22480,Information Disclosure in IBM QRadar SIEM Data Node Rebalancing,"An issue has been identified in IBM QRadar SIEM versions 7.4 and 7.5 where the data node rebalancing process fails to function correctly when handling encrypted hosts. This misconfiguration may expose sensitive data, allowing unauthorized access to critical information, which poses a significant risk to data integrity and confidentiality. For more details, refer to the IBM support page and the IBM X-Force ID entry.",IBM,Qradar Siem,5.3,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2022-10-07T17:15:00.000Z,0
CVE-2022-30613,https://securityvulnerability.io/vulnerability/CVE-2022-30613,Information Disclosure Vulnerability in IBM QRadar SIEM,"IBM QRadar SIEM versions 7.4 and 7.5 are susceptible to a vulnerability that may allow a privileged user to access sensitive information through a local service. This could lead to unauthorized data exposure, highlighting the need for users to ensure their systems are appropriately secured and updated according to IBM's recommendations.",IBM,Qradar Siem,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-10-07T17:15:00.000Z,0
CVE-2021-39088,https://securityvulnerability.io/vulnerability/CVE-2021-39088,Local Privilege Escalation in IBM QRadar SIEM by IBM,"IBM QRadar SIEM versions 7.3, 7.4, and 7.5 have a vulnerability that allows for local privilege escalation. This flaw can be exploited when combined with other undisclosed vulnerabilities, potentially allowing attackers to gain elevated privileges within the affected system. Users are advised to apply security patches and evaluate their systems to mitigate associated risks.",IBM,Qradar Siem,7.4,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-07-28T23:15:00.000Z,0
CVE-2021-38936,https://securityvulnerability.io/vulnerability/CVE-2021-38936,Sensitive Information Disclosure in IBM QRadar SIEM Products,"IBM QRadar SIEM versions 7.3, 7.4, and 7.5 are susceptible to a vulnerability that may allow a privileged user to gain access to highly sensitive information. This security risk emphasizes the importance of ensuring proper access controls and regular system updates to safeguard against potential exploitation.",IBM,Qradar Siem,4.9,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-07-20T18:15:00.000Z,0
CVE-2021-29755,https://securityvulnerability.io/vulnerability/CVE-2021-29755,Improper Certificate Validation in IBM QRadar SIEM,"IBM QRadar SIEM versions 7.3, 7.4, and 7.5 contain a vulnerability where proper certificate validation is not performed during certain inter-host communications. This oversight may allow attackers to exploit the system, potentially leading to unauthorized access or manipulation of sensitive data. Organizations using these versions of QRadar SIEM are urged to review their configurations and apply the necessary security updates as recommended by IBM.",IBM,Qradar Siem,5.9,MEDIUM,0.0008500000112690032,false,,false,false,false,,,false,false,,2022-07-20T18:15:00.000Z,0
CVE-2022-22424,https://securityvulnerability.io/vulnerability/CVE-2022-22424,Local Information Disclosure Vulnerability in IBM QRadar SIEM,"IBM QRadar SIEM versions 7.3, 7.4, and 7.5 are affected by a local information disclosure vulnerability that arises from improper file permissions set on the TLS key file. This misconfiguration could allow a local user to access sensitive information, potentially compromising the security of the application and the confidentiality of the data it protects. It is critical for users to ensure proper permission settings to mitigate the risks associated with this vulnerability.",IBM,Qradar Siem,5.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-07-19T00:00:00.000Z,0