Ibm Qradar Security Information And Event Manager vulnerabilities

CVE-2026-1276 [MEDIUM] CWE-79 CVE-2026-1276: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vu IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-15051 [MEDIUM] CWE-79 CVE-2025-15051: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vu IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality.

CVE-2025-13995 [MEDIUM] CWE-1286 CVE-2025-13995: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one ten IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account.

CVE-2025-36051 [MEDIUM] CWE-538 CVE-2025-36051: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in co IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user.

CVE-2024-56464 [LOW] CWE-548 CVE-2024-56464: IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involvi IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involving exposure of directory information. IBM has addressed this vulnerability in the latest update.

CVE-2025-33119 [MEDIUM] CWE-260 CVE-2025-33119: IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source cont IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

CVE-2025-36007 [HIGH] CWE-266 CVE-2025-36007: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escal IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.

CVE-2025-36138 [MEDIUM] CWE-79 CVE-2025-36138: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-si IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-36170 [MEDIUM] CWE-79 CVE-2025-36170: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-si IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-0164 [LOW] CWE-732 CVE-2025-0164: IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged use IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.

CVE-2025-33120 [HIGH] CWE-250 CVE-2025-33120: IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privilege IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

CVE-2025-36042 [MEDIUM] CWE-79 CVE-2025-36042: IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerabilit IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33118 [MEDIUM] CWE-79 CVE-2025-33118: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33097 [MEDIUM] CWE-79 CVE-2025-33097: IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerabili IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33117 [CRITICAL] CWE-73 CVE-2025-33117: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configu IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

CVE-2025-33121 [HIGH] CWE-611 CVE-2025-33121: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injecti IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

CVE-2025-36050 [MEDIUM] CWE-532 CVE-2025-36050: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.

CVE-2024-56463 [MEDIUM] CWE-79 CVE-2024-56463: IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged us IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2024-28786 [MEDIUM] CWE-319 CVE-2024-28786: IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication ch IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

CVE-2024-47107 [MEDIUM] CWE-79 CVE-2024-47107: IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenti IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.