Vulnerabilities > IBM > Qradar Security Information AND Event Manager > 7.4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-14	CVE-2020-4512	OS Command Injection vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 could allow a remote privileged user to execute commands. network low complexity ibm CWE-78	7.2
2020-07-14	CVE-2020-4511	Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 could allow an authenticated user to cause a denial of service of the qflow process by sending a malformed sflow command. network low complexity ibm	6.5
2020-07-14	CVE-2020-4510	XXE vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	5.5
2020-07-14	CVE-2020-4364	Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2020-06-04	CVE-2020-4509	XXE vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.4.0 IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	7.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.