Vulnerabilities > IBM > Qradar Security Information AND Event Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2023-50950 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules.
network
low complexity
ibm
5.3
2023-12-19 CVE-2023-47146 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified.
network
low complexity
ibm
6.5
2023-11-11 CVE-2023-43057 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-10-29 CVE-2023-43041 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.
network
low complexity
ibm
4.9
2023-10-14 CVE-2023-40367 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-27 CVE-2022-34352 Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.
network
low complexity
ibm CWE-200
6.5
2023-06-27 CVE-2023-26273 Improper Input Validation vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation.
network
low complexity
ibm CWE-20
4.3
2023-06-27 CVE-2023-26274 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-10-07 CVE-2022-30613 Unspecified vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user.
local
low complexity
ibm
5.5
2022-07-20 CVE-2021-38936 Unspecified vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user.
network
low complexity
ibm
4.9