Page 2 of 27 results (0.026 seconds)

CVSS: 8.3EPSS: 0%CPEs: 16EXPL: 0

CVE-2022-43863 – IBM QRadar SIEM privilege escalation

https://notcve.org/view.php?id=CVE-2022-43863

22 Mar 2023 — IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239425 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

CVE-2022-34351 – IBM QRadar SIEM information disclosure

https://notcve.org/view.php?id=CVE-2022-34351

17 Feb 2023 — IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230402 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-22875 – IBM Security QRadar SIEM information disclosure

https://notcve.org/view.php?id=CVE-2023-22875

17 Jan 2023 — IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356. IBM QRadar SIEM 7.4 y 7.5 copia los archivos de claves de certificado utilizados para SSL/TLS en la interfaz de usuario web de QRadar en hosts gestionados en el despliegue que no requieren esa clave. ID de IBM X-Force: 244356. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244356 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2022-30613

https://notcve.org/view.php?id=CVE-2022-30613

07 Oct 2022 — IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. IBM QRadar SIEM versiones 7.4 y 7.5, podría divulgar información confidencial por medio de un servicio local a un usuario privilegiado. IBM X-Force ID: 227366 • https://exchange.xforce.ibmcloud.com/vulnerabilities/227366 •

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2022-22480

https://notcve.org/view.php?id=CVE-2022-22480

07 Oct 2022 — IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. Un reequilibrio de nodos de datos de IBM QRadar SIEM versiones 7.4 y 7.5, no funciona correctamente cuando son usados hosts cifrados, lo que podría resultar en una divulgación de información. IBM X-Force ID: 225889 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225889 •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2021-39088

https://notcve.org/view.php?id=CVE-2021-39088

28 Jul 2022 — IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, es vulnerable a una escalada de privilegios local, si esto pudiera combinarse con otras vulnerabilidades desconocidas, podría llevarse a cabo una escalada de privilegios. IBM X-Force ID: 216111 • https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 •

CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0

CVE-2022-22424

https://notcve.org/view.php?id=CVE-2022-22424

20 Jul 2022 — IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, podría permitir a un usuario local obtener información confidencial del archivo de claves TLS debido a permisos de archivo incorrectos. IBM X-Force ID: 223597 • https://exchange.xforce.ibmcloud.com/vulnerabilities/223597 • CWE-276: Incorrect Default Permissions •

CVSS: 6.1EPSS: 0%CPEs: 22EXPL: 0

CVE-2021-38936

https://notcve.org/view.php?id=CVE-2021-38936

20 Jul 2022 — IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893. IBM QRadar SIEM versiones7.3, 7.4 y 7.5, podría divulgar información altamente confidencial a un usuario privilegiado. IBM X-Force ID: 210893 • https://exchange.xforce.ibmcloud.com/vulnerabilities/210893 •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2021-29755

https://notcve.org/view.php?id=CVE-2021-29755

20 Jul 2022 — IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, no comprueba apropiadamente los certificados en algunas comunicaciones entre hosts. IBM X-Force ID: 202015 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202015 • CWE-295: Improper Certificate Validation •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-39041

https://notcve.org/view.php?id=CVE-2021-39041

12 Jul 2022 — IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, puede ser vulnerable a un ataque parcial de denegación de servicio, resultando en que algunos protocolos no escuchen en los puertos especificados. IBM X-Force ID: 214028 • https://exchange.xforce.ibmcloud.com/vulnerabilities/214028 •