IBM Security QRadar EDR
15 CVEs affecting IBM Security QRadar EDR. Latest disclosed: 2026-06-11. Critical: 0, High: 0.

| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-45641 | Medium | 6.5 | 2025-05-20 | IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation. |
| CVE-2023-33861 | Medium | 6.5 | 2025-05-20 | IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client. |
| CVE-2025-36376 | Medium | 6.3 | 2026-02-17 | IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate anot… |
| CVE-2024-45643 | Medium | 5.9 | 2025-03-14 | IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information. |
| CVE-2023-35006 | Medium | 5.4 | 2024-07-10 | IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the v… |
| CVE-2024-45640 | Medium | 5.3 | 2025-01-07 | IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system. |
| CVE-2024-45642 | Medium | 5.3 | 2024-11-14 | IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI th… |
| CVE-2023-33860 | Medium | 5.3 | 2024-07-10 | IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by se… |
| CVE-2023-33859 | Medium | 5.3 | 2024-07-10 | IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697. |
| CVE-2024-45100 | Medium | 4.9 | 2025-01-07 | IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of r… |
| CVE-2024-45644 | Medium | 4.7 | 2025-03-19 | IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's envir… |
| CVE-2024-45654 | Medium | 4.3 | 2025-01-19 | IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs. |
| CVE-2024-45636 | Medium | 4.1 | 2026-06-11 | IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user. |
| CVE-2024-45638 | Medium | 4.1 | 2025-03-14 | IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user. |
| CVE-2024-45099 | Low | 3.1 | 2024-11-14 | IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI th… |