CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28786 – IBM QRadar SIEM information disclosure
https://notcve.org/view.php?id=CVE-2024-28786
27 Jan 2025 — IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. • https://www.ibm.com/support/pages/node/7173420 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47107 – IBM QRadar SIEM cross-site scripting
https://notcve.org/view.php?id=CVE-2024-47107
07 Dec 2024 — IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7178104 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27269 – IBM QRadar SIEM information disclosure
https://notcve.org/view.php?id=CVE-2024-27269
10 May 2024 — IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575. IBM QRadar SIEM 7.5 podría permitir a un usuario privilegiado configurar una gestión de usuarios que revelaría información confidencial no deseada entre los inquilinos. ID de IBM X-Force: 284575. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284575 • CWE-286: Incorrect User Management •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50949 – IBM QRadar improper certificate validation
https://notcve.org/view.php?id=CVE-2023-50949
11 Apr 2024 — IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706. IBM QRadar SIEM 7.5 podría permitir que un usuario no autorizado realice acciones no autorizadas debido a una validación de certificado incorrecta. ID de IBM X-Force: 275706. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275706 • CWE-295: Improper Certificate Validation •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50961 – IBM QRadar cross-site scripting
https://notcve.org/view.php?id=CVE-2023-50961
27 Mar 2024 — IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939. IBM QRadar SIEM 7.5 es vulnerable a cross-site scripting almacenadas. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/275939 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28784 – IBM QRadar cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28784
27 Mar 2024 — IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893. IBM QRadar SIEM 7.5 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/285893 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •