Vulnerabilities > IBM > Qradar User Behavior Analytics > 4.1.0

DATE CVE VULNERABILITY TITLE RISK
2022-09-28 CVE-2022-36771 Unspecified vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0/4.1.1
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to.
network
low complexity
ibm
6.5
6.5
2021-05-14 CVE-2021-20391 Insecure Storage of Sensitive Information vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
2.1
2.1
2021-05-14 CVE-2021-20393 Information Exposure Through an Error Message vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.0
5.0
2021-05-14 CVE-2021-20429 Incorrect Authorization vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy.
network
low complexity
ibm CWE-863
5.0
5.0