Ibm Qradar Incident Forensics vulnerabilities

17 known vulnerabilities affecting ibm/qradar_incident_forensics.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH6MEDIUM10LOW1

Vulnerabilities

Page 1 of 1

CVE-2025-33120HIGHCVSS 7.8v7.5.02025-08-22

CVE-2025-33120 [HIGH] CWE-250 CVE-2025-33120: IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privilege IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

nvd

CVE-2025-36042MEDIUMCVSS 5.4v7.5.02025-08-22

CVE-2025-36042 [MEDIUM] CWE-79 CVE-2025-36042: IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerabilit IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

nvd

CVE-2017-1622HIGHCVSS 7.4≥ 7.2.0, < 7.2.8≥ 7.3.0, < 7.3.1+2 more2018-12-05

CVE-2017-1622 [LOW] CWE-295 CVE-2017-1622: IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This weakn IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-force ID: 133120.

nvd

CVE-2018-1648HIGHCVSS 7.5≥ 7.2.0, < 7.2.8≥ 7.3.0, < 7.3.1+2 more2018-12-05

CVE-2018-1648 [HIGH] CWE-326 CVE-2018-1648: IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an a IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144653.

nvd

CVE-2018-1650MEDIUMCVSS 5.5≥ 7.2.0, < 7.2.8≥ 7.3.0, < 7.3.1+2 more2018-12-05

CVE-2018-1650 [MEDIUM] CWE-798 CVE-2018-1650: IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication configured by the administrator. IBM X-Force ID: 144656.

nvd

CVE-2018-1728MEDIUMCVSS 5.4≥ 7.2.0, < 7.2.8≥ 7.3.0, < 7.3.1+2 more2018-12-05

CVE-2018-1728 [MEDIUM] CWE-79 CVE-2018-1728: IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users t IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147707.

nvd

CVE-2018-1568LOWCVSS 3.3≥ 7.2.0, < 7.2.8≥ 7.3.0, < 7.3.1+2 more2018-12-05

CVE-2018-1568 [MEDIUM] CWE-200 CVE-2018-1568: IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118.

nvd

CVE-2018-1647HIGHCVSS 7.5v7.2.8v7.3.1+4 more2018-10-05

CVE-2018-1647 [HIGH] CWE-770 CVE-2018-1647: IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which could allow an unauthenticated user to cause a denial of service. IBM X-Force ID: 144650.

cvelistv5nvd

CVE-2018-1649MEDIUMCVSS 6.5v7.2.8v7.3.1+4 more2018-10-05

CVE-2018-1649 [HIGH] CWE-22 CVE-2018-1649: IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on t IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655.

cvelistv5nvd

CVE-2017-1724MEDIUMCVSS 6.1≥ 7.2.0, < 7.2.8v7.2.8+2 more2018-04-26

CVE-2017-1724 [MEDIUM] CWE-79 CVE-2017-1724: IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allow IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134814.

nvd

CVE-2017-1723MEDIUMCVSS 6.5≥ 7.2.0, < 7.2.8v7.2.8+2 more2018-04-26

CVE-2017-1723 [MEDIUM] CWE-22 CVE-2017-1723: IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the sy IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 134812.

nvd

CVE-2016-9727HIGHCVSS 8.5v7.2.0v7.2.1+7 more2017-03-07

CVE-2016-9727 [HIGH] CWE-20 CVE-2016-9727: IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the syst IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

nvd

CVE-2016-9726HIGHCVSS 8.8v7.2.0v7.2.1+7 more2017-03-07

CVE-2016-9726 [HIGH] CWE-20 CVE-2016-9726: IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary c IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

nvd

CVE-2016-9730MEDIUMCVSS 4.3v7.2.0v7.2.1+7 more2017-03-07

CVE-2016-9730 [MEDIUM] CWE-352 CVE-2016-9730: IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an a IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1999549.

nvd

CVE-2016-9723MEDIUMCVSS 6.1v7.2.0v7.2.1+7 more2017-03-07

CVE-2016-9723 [MEDIUM] CWE-79 CVE-2016-9723: IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534.

nvd

CVE-2017-1133MEDIUMCVSS 5.4v7.2.0v7.2.1+7 more2017-03-07

CVE-2017-1133 [MEDIUM] CWE-79 CVE-2017-1133: IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534.

nvd

CVE-2016-9720MEDIUMCVSS 5.3v7.2.0v7.2.1+7 more2017-03-07

CVE-2016-9720 [MEDIUM] CWE-200 CVE-2016-9720: IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM Reference #: 1999533.

nvd