Ibm Qradar Advisor With Watson vulnerabilities

CVE-2024-49822 [MEDIUM] CWE-918 CVE-2024-49822: IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

CVE-2021-20380 [HIGH] CVE-2021-20380: IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remo IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 195712.

CVE-2019-4556 [MEDIUM] CVE-2019-4556: IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allow IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 166205.

CVE-2018-1732 [HIGH] CWE-200 CVE-2018-1732: IBM QRadar Advisor with Watson 1.14.0 discloses sensitive information to unauthorized users. The inf IBM QRadar Advisor with Watson 1.14.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 147810.