Vulnerabilities > IBM > Qradar Security Information AND Event Manager

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2023-50950 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules.
network
low complexity
ibm
5.3
2023-12-19 CVE-2023-47146 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified.
network
low complexity
ibm
6.5
2023-11-11 CVE-2023-43057 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-10-29 CVE-2023-43041 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.
network
low complexity
ibm
4.9
2023-10-14 CVE-2023-30994 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2023-10-14 CVE-2023-40367 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-27 CVE-2022-34352 Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.
network
low complexity
ibm CWE-200
6.5
2023-06-27 CVE-2023-26273 Improper Input Validation vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation.
network
low complexity
ibm CWE-20
4.3
2023-06-27 CVE-2023-26274 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-27 CVE-2023-26276 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5