Ibm Qradar Wincollect Agent vulnerabilities

9 known vulnerabilities affecting ibm/qradar_wincollect_agent.

Total CVEs

9

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH4MEDIUM5

Vulnerabilities

Page 1 of 1

CVE-2024-51461MEDIUMCVSS 6.5≥ 10.0, ≤ 10.1.132025-04-11

CVE-2024-51461 [MEDIUM] CWE-770 CVE-2024-51461: IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources.

CVE-2024-51462MEDIUMCVSS 5.3≥ 10.0.0, ≤ 10.1.122025-01-17

CVE-2024-51462 [MEDIUM] CWE-471 CVE-2024-51462: IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data.

CVE-2022-43880MEDIUMCVSS 4.4≥ 10.0, ≤ 10.1.22024-03-03

CVE-2022-43880 [MEDIUM] CWE-400 CVE-2022-43880: IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of s IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151.

CVE-2023-26279HIGHCVSS 7.8≥ 10.0, ≤ 10.1.72023-11-24

CVE-2023-26279 [LOW] CWE-116 CVE-2023-26279: IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized ac IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160.

CVE-2021-39008MEDIUMCVSS 4.9≥ 10.0, ≤ 10.1.72023-11-23

CVE-2021-39008 [LOW] CWE-200 CVE-2021-39008: IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive i IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.

CVE-2023-38736HIGHCVSS 7.8≥ 10.0, ≤ 10.1.62023-09-08

CVE-2023-38736 [HIGH] CVE-2023-38736: IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulner IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.

CVE-2023-26277HIGHCVSS 7.8≥ 10.0, ≤ 10..32023-05-31

CVE-2023-26277 [HIGH] CVE-2023-26277: IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the s IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156.

CVE-2023-26278HIGHCVSS 7.8≥ 10.0, ≤ 10..32023-05-31

CVE-2023-26278 [HIGH] CVE-2023-26278: IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain e IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158.

CVE-2021-39006MEDIUMCVSS 5.3v10.0v10.0.12022-06-21

CVE-2021-39006 [MEDIUM] CVE-2021-39006: IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549.