Ibm Qradar Incident Forensics — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Qradar Incident Forensics, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2016-9726 — CVSS 8.8 (high): IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a…
CVE-2016-9727 — CVSS 8.5 (high): IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted…
CVE-2025-33120 — CVSS 7.8 (high): IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to…
CVE-2018-1649 — CVSS 7.7 (high): IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a…
CVE-2018-1647 — CVSS 7.5 (high): IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which could allow an…
CVE-2018-1648 — CVSS 7.5 (high): IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2017-1723 — CVSS 6.5 (medium): IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a…
CVE-2017-1724 — CVSS 6.1 (medium): IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2016-9723 — CVSS 6.1 (medium): IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…
CVE-2018-1650 — CVSS 5.9 (medium): IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication configured by the…
CVE-2025-36042 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed…
CVE-2017-1133 — CVSS 5.4 (medium): IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…
CVE-2018-1728 — CVSS 5.4 (medium): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2016-9720 — CVSS 5.3 (medium): IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system…
CVE-2016-9730 — CVSS 4.3 (medium): IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2018-1568 — CVSS 4.0 (medium): IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118.
CVE-2017-1622 — CVSS 3.7 (low): IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a…