Vulnerabilities > IBM > Qradar Security Information AND Event Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2023-50950 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. | 5.3 |
| 2023-12-19 | CVE-2023-47146 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. | 6.5 |
| 2023-11-11 | CVE-2023-43057 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-10-29 | CVE-2023-43041 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. | 4.9 |
| 2023-10-14 | CVE-2023-40367 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-06-27 | CVE-2022-34352 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. | 6.5 |
| 2023-06-27 | CVE-2023-26273 | Improper Input Validation vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. | 4.3 |
| 2023-06-27 | CVE-2023-26274 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. | 5.4 |
| 2022-10-07 | CVE-2022-30613 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. | 5.5 |
| 2022-07-20 | CVE-2021-38936 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. | 4.9 |