Vulnerabilities > IBM > Qradar Security Information AND Event Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2019-4211 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 5.4 |
| 2019-07-17 | CVE-2018-2022 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-07-17 | CVE-2018-2021 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2019-05-29 | CVE-2019-4264 | Improper Certificate Validation vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate. | 5.9 |
| 2019-04-19 | CVE-2018-1729 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1/7.3.2 IBM QRadar SIEM 7.3 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-01-29 | CVE-2018-1733 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content. | 5.3 |
| 2018-07-17 | CVE-2018-1612 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. | 5.8 |
| 2018-04-26 | CVE-2017-1724 | Cross-site Scripting vulnerability in IBM products IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2018-04-26 | CVE-2017-1723 | Path Traversal vulnerability in IBM Qradar Security Information and Event Manager IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-04-26 | CVE-2017-1722 | SQL Injection vulnerability in IBM Qradar Security Information and Event Manager IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. | 6.3 |