CVE-2021-38936Sensitive Information Exposure in IBM Qradar Security Information AND Event Manager

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.2%
top 59.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Qradar Security Information AND Event ManagerIBM Qradar Siem
Timeline
PublishedJul 20
Latest updateJul 21

Description

IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/qradar_siem6 versions+5

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-pxp4-v7r3-2566: IBM QRadar SIEM 72022-07-21
CVEList
CVE-2021-38936: IBM QRadar SIEM 72022-07-20
CVE-2021-38936 — Sensitive Information Exposure in IBM | cvebase