Ibm Security Qradar Incident Forensics — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Qradar Incident Forensics, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2015-1997 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote…
CVE-2015-1989 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to…
CVE-2016-2968 — CVSS 6.5 (medium): IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive…
CVE-2016-2872 — CVSS 5.3 (medium): Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows…
CVE-2015-1994 — CVSS 5.0 (medium): IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session…
CVE-2015-1993 — CVSS 5.0 (medium): IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session…
CVE-2015-1999 — CVSS 5.0 (medium): IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain…
CVE-2015-1919 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary…
CVE-2015-1995 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote…
CVE-2015-1996 — CVSS 2.1 (low): IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically…