Vulnerabilities > CVE-2021-20429 - Incorrect Authorization vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ibm
CWE-863

Summary

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.

Vulnerable Configurations

Part Description Count
Application
Ibm
2

Common Weakness Enumeration (CWE)