Ibm Qradar Security Information And Event Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Qradar Security Information And Event Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (190)
CVE-2020-4979 — CVSS 9.8 (critical): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker that is able to comprimise or spoof…
CVE-2021-38869 — CVSS 9.8 (critical): IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force…
CVE-2014-3062 — CVSS 9.3 (critical): Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown…
CVE-2025-33117 — CVSS 9.1 (critical): IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload…
CVE-2021-20399 — CVSS 9.1 (critical): IBM Qradar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA is vulnerable to an XML External Entity Injection (XXE) attack when processing…
CVE-2015-2011 — CVSS 9.0 (critical): The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated…
CVE-2015-4930 — CVSS 9.0 (critical): IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands…
CVE-2015-2016 — CVSS 9.0 (critical): Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users…
CVE-2016-2875 — CVSS 8.8 (high): IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to execute arbitrary OS commands as root via…
CVE-2020-4272 — CVSS 8.8 (high): IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a…
CVE-2018-1418 — CVSS 8.8 (high): IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824.
CVE-2018-1571 — CVSS 8.8 (high): IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a…
CVE-2017-1696 — CVSS 8.8 (high): IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a…
CVE-2019-4212 — CVSS 8.8 (high): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized…
CVE-2015-2009 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi service in IBM QRadar SIEM 7.1 before MR2 Patch 11 Interim Fix 02 and…
CVE-2016-9726 — CVSS 8.8 (high): IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a…
CVE-2020-4888 — CVSS 8.8 (high): IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the…
CVE-2016-2873 — CVSS 8.8 (high): SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute…
CVE-2020-4280 — CVSS 8.8 (high): IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization…
CVE-2016-9727 — CVSS 8.5 (high): IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted…
CVE-2023-22875 — CVSS 8.4 (high): IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the…
CVE-2020-4486 — CVSS 8.1 (high): IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect…
CVE-2020-5013 — CVSS 8.1 (high): IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker…
CVE-2016-9724 — CVSS 8.1 (high): IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A…
CVE-2019-4210 — CVSS 8.1 (high): IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication exposing certain functionality which could lead to information disclosure…
CVE-2018-2024 — CVSS 8.1 (high): IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or…
CVE-2016-2878 — CVSS 8.0 (high): Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote…
CVE-2021-39088 — CVSS 7.8 (high): IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities…
CVE-2019-4508 — CVSS 7.8 (high): IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM…
CVE-2021-20401 — CVSS 7.8 (high): IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound…
CVE-2020-4932 — CVSS 7.8 (high): IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound…
CVE-2016-2871 — CVSS 7.8 (high): IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to…
CVE-2016-2880 — CVSS 7.8 (high): IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference…
CVE-2016-2879 — CVSS 7.8 (high): IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user…
CVE-2025-36007 — CVSS 7.8 (high): IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege…
CVE-2020-4270 — CVSS 7.8 (high): IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846.
CVE-2025-33120 — CVSS 7.8 (high): IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to…
CVE-2020-4509 — CVSS 7.6 (high): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker…
CVE-2021-20337 — CVSS 7.5 (high): IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an…
CVE-2014-0838 — CVSS 7.5 (high): The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console…
CVE-2021-38919 — CVSS 7.5 (high): IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021
CVE-2021-20400 — CVSS 7.5 (high): IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2022-22480 — CVSS 7.5 (high): IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information…
CVE-2016-2876 — CVSS 7.5 (high): IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it…
CVE-2021-38878 — CVSS 7.5 (high): IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM…
CVE-2021-29750 — CVSS 7.5 (high): IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2020-4269 — CVSS 7.5 (high): IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own…
CVE-2016-9728 — CVSS 7.5 (high): IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the…
CVE-2016-9738 — CVSS 7.5 (high): IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to…
CVE-2016-9740 — CVSS 7.5 (high): IBM QRadar 7.2 could allow a remote attacker to consume all resources on the server due to not properly restricting the size or amount of…
CVE-2021-29755 — CVSS 7.5 (high): IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015.
CVE-2017-1162 — CVSS 7.5 (high): IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the…
CVE-2019-4545 — CVSS 7.5 (high): IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID…
CVE-2015-4956 — CVSS 7.4 (high): The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands…
CVE-2024-56462 — CVSS 7.2 (high): IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be…
CVE-2025-33121 — CVSS 7.1 (high): IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML…
CVE-2018-1730 — CVSS 7.1 (high): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could…
CVE-2024-27269 — CVSS 6.8 (medium): IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across…
CVE-2014-0835 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the…
CVE-2014-4829 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before…
CVE-2022-43863 — CVSS 6.7 (medium): IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin…
CVE-2020-4151 — CVSS 6.5 (medium): IBM QRadar SIEM 7.3.0 through 7.3.3 could allow an authenticated attacker to perform unauthorized actions due to improper input validation…
CVE-2021-29880 — CVSS 6.5 (medium): IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between…
CVE-2014-4824 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 allows remote authenticated users to execute arbitrary SQL…
CVE-2025-33119 — CVSS 6.5 (medium): IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an…
CVE-2014-4833 — CVSS 6.5 (medium): IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input.
CVE-2024-28786 — CVSS 6.5 (medium): IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an…
CVE-2016-2881 — CVSS 6.5 (medium): IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 before 7.2.7 allow remote attackers to…
CVE-2013-2970 — CVSS 6.5 (medium): Unspecified vulnerability in IBM QRadar Security Information and Event Manager (SIEM) 7.x before 7.1 MR2 Patch 1 allows remote…
CVE-2016-9729 — CVSS 6.5 (medium): IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to…
CVE-2023-43041 — CVSS 6.5 (medium): IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile…
CVE-2016-9750 — CVSS 6.5 (medium): IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207.
CVE-2017-1723 — CVSS 6.5 (medium): IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a…
CVE-2022-34352 — CVSS 6.5 (medium): IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile…
CVE-2020-4485 — CVSS 6.5 (medium): IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing…
CVE-2020-4511 — CVSS 6.5 (medium): IBM QRadar SIEM 7.3 and 7.4 could allow an authenticated user to cause a denial of service of the qflow process by sending a malformed…
CVE-2020-4789 — CVSS 6.5 (medium): IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse…
CVE-2020-4883 — CVSS 6.5 (medium): IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about other domains which could be used in further attacks against the…
CVE-2020-4980 — CVSS 6.5 (medium): IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not…
CVE-2025-36138 — CVSS 6.4 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows…
CVE-2025-33097 — CVSS 6.4 (medium): IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed…
CVE-2024-47107 — CVSS 6.4 (medium): IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary…
CVE-2025-36170 — CVSS 6.4 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows…
CVE-2025-33118 — CVSS 6.4 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated…
CVE-2020-4271 — CVSS 6.3 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower…
CVE-2017-1722 — CVSS 6.3 (medium): IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which…
CVE-2020-4294 — CVSS 6.3 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated attacker to send…
CVE-2025-36050 — CVSS 6.2 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local…
CVE-2025-36051 — CVSS 6.2 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by…
CVE-2017-1724 — CVSS 6.1 (medium): IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2017-1623 — CVSS 6.1 (medium): IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2019-4581 — CVSS 6.1 (medium): IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2016-9723 — CVSS 6.1 (medium): IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…
CVE-2020-4513 — CVSS 6.1 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20397 — CVSS 6.1 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-29849 — CVSS 6.1 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2018-2021 — CVSS 6.1 (medium): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2019-4594 — CVSS 5.9 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable…
CVE-2016-9972 — CVSS 5.9 (medium): IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict…
CVE-2023-50949 — CVSS 5.9 (medium): IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force…
CVE-2017-1695 — CVSS 5.9 (medium): IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2022-34351 — CVSS 5.9 (medium): IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile…
CVE-2021-29779 — CVSS 5.9 (medium): IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the server performing key exchange without…
CVE-2019-4264 — CVSS 5.9 (medium): IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the…
CVE-2023-26276 — CVSS 5.9 (medium): IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2018-1612 — CVSS 5.8 (medium): IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive…
CVE-2017-1721 — CVSS 5.6 (medium): IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated user to execute code remotely with lower level privileges under unusual…
CVE-2022-22424 — CVSS 5.5 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file…
CVE-2022-30613 — CVSS 5.5 (medium): IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.
CVE-2020-4510 — CVSS 5.5 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker…
CVE-2020-4929 — CVSS 5.4 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2025-15051 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2026-1276 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows an authenticated…
CVE-2017-1133 — CVSS 5.4 (medium): IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…
CVE-2017-1234 — CVSS 5.4 (medium): IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2020-4268 — CVSS 5.4 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2023-40367 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2020-4274 — CVSS 5.4 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate…
CVE-2024-28784 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2019-4470 — CVSS 5.4 (medium): IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2020-4364 — CVSS 5.4 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2019-4454 — CVSS 5.4 (medium): IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2016-2869 — CVSS 5.4 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote…
CVE-2025-36042 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed…
CVE-2015-7409 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject…
CVE-2023-30994 — CVSS 5.4 (medium): IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2019-4211 — CVSS 5.4 (medium): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2015-4957 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote…
CVE-2016-9720 — CVSS 5.3 (medium): IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system…
CVE-2015-2005 — CVSS 5.3 (medium): IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.5 Patch 6 does not properly expire sessions, which allows…
CVE-2016-2872 — CVSS 5.3 (medium): Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows…
CVE-2016-9725 — CVSS 5.3 (medium): IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request…
CVE-2018-1729 — CVSS 5.3 (medium): IBM QRadar SIEM 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the…
CVE-2018-1733 — CVSS 5.3 (medium): IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which…
CVE-2018-2022 — CVSS 5.3 (medium): IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on…
CVE-2019-4262 — CVSS 5.3 (medium): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send…
CVE-2019-4559 — CVSS 5.3 (medium): IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users. The information can be used to mount further…
CVE-2021-38939 — CVSS 5.3 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to…
CVE-2021-39041 — CVSS 5.3 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to…
CVE-2025-13995 — CVSS 5.0 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from…
CVE-2014-6075 — CVSS 5.0 (medium): IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2…
CVE-2014-3091 — CVSS 5.0 (medium): Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.1.x and 7.2.x allows remote attackers to inject arbitrary web script…
CVE-2015-2007 — CVSS 5.0 (medium): Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows remote authenticated users to read…
CVE-2020-4993 — CVSS 4.9 (medium): IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path…
CVE-2021-38936 — CVSS 4.9 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.
CVE-2023-47146 — CVSS 4.9 (medium): IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. IBM X-Force ID…
CVE-2022-22345 — CVSS 4.8 (medium): IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2024-56463 — CVSS 4.8 (medium): IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code…
CVE-2023-50961 — CVSS 4.8 (medium): IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2019-4654 — CVSS 4.8 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a…
CVE-2022-22320 — CVSS 4.8 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2023-26274 — CVSS 4.6 (medium): IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2023-43057 — CVSS 4.6 (medium): IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2015-2008 — CVSS 4.4 (medium): IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.6 includes SSH private keys during backup operations, which…
CVE-2021-29863 — CVSS 4.3 (medium): IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send…
CVE-2013-5463 — CVSS 4.3 (medium): The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by…
CVE-2020-5032 — CVSS 4.3 (medium): IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads…
CVE-2020-4786 — CVSS 4.3 (medium): IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery…
CVE-2019-4593 — CVSS 4.3 (medium): IBM QRadar 7.3.0 to 7.3.3 Patch 2 generates an error message that includes sensitive information that could be used in further attacks…
CVE-2019-4509 — CVSS 4.3 (medium): IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to…
CVE-2023-26273 — CVSS 4.3 (medium): IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID…
CVE-2016-9730 — CVSS 4.3 (medium): IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2014-4832 — CVSS 4.3 (medium): IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2…
CVE-2014-4830 — CVSS 4.3 (medium): IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie…
CVE-2014-4828 — CVSS 4.3 (medium): IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request.
CVE-2014-4827 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to inject…
CVE-2014-4826 — CVSS 4.3 (medium): IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly handle SSH connections, which allows remote attackers to obtain…
CVE-2014-4825 — CVSS 4.3 (medium): IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle…
CVE-2014-0837 — CVSS 4.3 (medium): The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows…
CVE-2014-0836 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to inject arbitrary web…
CVE-2021-38874 — CVSS 4.3 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM…
CVE-2021-29776 — CVSS 4.3 (medium): IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing…
CVE-2017-1624 — CVSS 4.2 (medium): IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified…
CVE-2016-9722 — CVSS 4.2 (medium): IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by…
CVE-2017-1733 — CVSS 4.0 (medium): IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 134914.
CVE-2023-50950 — CVSS 3.7 (low): IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709.
CVE-2013-5448 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the Right Click Plugin context menus in IBM Security QRadar SIEM 7.1 and 7.2 before 7.2 MR1…
CVE-2013-6307 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.0 allows remote authenticated users to inject arbitrary web script…
CVE-2019-4054 — CVSS 3.3 (low): IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in…
CVE-2016-2877 — CVSS 3.3 (low): IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which…
CVE-2015-5044 — CVSS 3.3 (low): The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote…
CVE-2016-2874 — CVSS 3.1 (low): IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain…
CVE-2016-2868 — CVSS 2.7 (low): IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an…
CVE-2024-56464 — CVSS 2.7 (low): IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involving exposure of directory information…
CVE-2025-0164 — CVSS 2.3 (low): IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on…
CVE-2020-4787 — CVSS 2.3 (low): IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery…
CVE-2018-1725 — CVSS 2.3 (low): IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440.