Ibm Qradar Siem vulnerabilities

CVE-2026-1276 [MEDIUM] CWE-79 CVE-2026-1276: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vu IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-15051 [MEDIUM] CWE-79 CVE-2025-15051: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vu IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality.

CVE-2025-36051 [MEDIUM] CWE-538 CVE-2025-36051: IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in co IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user.

CVE-2025-36007 [HIGH] CWE-266 CVE-2025-36007: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escal IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.

CVE-2025-36138 [MEDIUM] CWE-79 CVE-2025-36138: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-si IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-36170 [MEDIUM] CWE-79 CVE-2025-36170: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-si IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-0164 [LOW] CWE-732 CVE-2025-0164: IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged use IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.

CVE-2025-33120 [HIGH] CWE-250 CVE-2025-33120: IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privilege IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

CVE-2025-36042 [MEDIUM] CWE-79 CVE-2025-36042: IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerabilit IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33118 [MEDIUM] CWE-79 CVE-2025-33118: IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33097 [MEDIUM] CWE-79 CVE-2025-33097: IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerabili IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2025-33117 [CRITICAL] CWE-73 CVE-2025-33117: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configu IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

CVE-2025-33121 [HIGH] CWE-611 CVE-2025-33121: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injecti IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

CVE-2025-36050 [MEDIUM] CWE-532 CVE-2025-36050: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.

CVE-2024-56463 [MEDIUM] CWE-79 CVE-2024-56463: IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged us IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2024-28786 [MEDIUM] CWE-319 CVE-2024-28786: IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication ch IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

CVE-2024-47107 [MEDIUM] CWE-79 CVE-2024-47107: IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenti IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2024-27269 [MEDIUM] CWE-286 CVE-2024-27269: IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose u IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.

CVE-2023-50949 [MEDIUM] CWE-295 CVE-2023-50949: IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706.

CVE-2024-28784 [MEDIUM] CWE-79 CVE-2024-28784: IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.