IBM » Qradar Security Information And Event Manager : Security Vulnerabilities, CVEs, (Information Leak) CVSS score >= 6
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. IBM X-Force ID: 270372.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-12-19
Updated
2023-12-27
IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-10-29
Updated
2023-11-07
IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356.
Max CVSS
8.4
EPSS Score
0.09%
Published
2023-01-17
Updated
2023-01-25
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-06-27
Updated
2023-07-05
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.
Max CVSS
7.5
EPSS Score
0.11%
Published
2023-02-17
Updated
2023-03-01
IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.
Max CVSS
7.5
EPSS Score
0.13%
Published
2022-10-07
Updated
2022-10-09
IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain. IBM X-Force ID: 206979.
Max CVSS
6.5
EPSS Score
0.08%
Published
2021-08-13
Updated
2022-07-12
IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication exposing certain functionality which could lead to information disclosure or modification of application configuration. IBM X-Force ID: 158986.
Max CVSS
9.4
EPSS Score
0.09%
Published
2019-04-08
Updated
2023-02-03
IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 122957.
Max CVSS
7.5
EPSS Score
0.14%
Published
2017-09-12
Updated
2017-09-16
9 vulnerabilities found