Vulnerabilities > IBM > Qradar User Behavior Analytics > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2022-36771 | Unspecified vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0/4.1.1 IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. | 6.5 |
| 2021-05-14 | CVE-2021-20392 | Cross-site Scripting vulnerability in IBM Qradar User Behavior Analytics 1.0.0 IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. | 6.1 |
| 2021-05-14 | CVE-2021-20429 | Incorrect Authorization vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0 IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. | 5.3 |