IBM Security QRadar EDR vulnerabilities
16 known vulnerabilities affecting ibm/security_qradar_edr.
Total CVEs: 16
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 12
Vulnerabilities
CVE-2025-36379 | HIGH | CVSS 7.5 | ≥ 3.12, ≤ 3.12.23 | 2026-02-17
[MEDIUM] CWE-326
IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
cvelistv5, nvd
CVE-2025-36377 | HIGH | CVSS 8.8 | ≥ 3.12, ≤ 3.12.23 | 2026-02-17
[MEDIUM] CWE-613
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
cvelistv5, nvd
CVE-2025-36376 | HIGH | CVSS 8.8 | ≥ 3.12.0, < 3.12.24; ≥ 3.12, ≤ 3.12.23 | 2026-02-17
[MEDIUM] CWE-613
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
cvelistv5, nvd
CVE-2023-33861 | MEDIUM | CVSS 6.5 | ≥ 3.12, < 3.12.17 | 2025-05-20
[MEDIUM] CWE-295
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client.
nvd
CVE-2024-45641 | MEDIUM | CVSS 6.5 | ≥ 3.12, < 3.12.17 | 2025-05-20
[MEDIUM] CWE-295
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation.
nvd
CVE-2024-45644 | MEDIUM | CVSS 4.7 | v3.12 | 2025-03-19
[MEDIUM] CWE-434
IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
nvd
CVE-2024-45643 | HIGH | CVSS 7.5 | ≥ 3.12, < 3.12.16 | 2025-03-14
[MEDIUM] CWE-327
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
nvd
CVE-2024-45638 | MEDIUM | CVSS 4.4 | ≥ 3.12, < 3.12.16 | 2025-03-14
[MEDIUM] CWE-256
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
nvd
CVE-2024-45654 | MEDIUM | CVSS 4.3 | ≥ 3.12, < 3.12.13 | 2025-01-19
[MEDIUM] CWE-807
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
nvd
CVE-2024-45640 | MEDIUM | CVSS 5.3 | ≥ 3.12, < 3.12.14; v3.12 | 2025-01-07
[MEDIUM] CWE-497
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.
cvelistv5, nvd
CVE-2024-45100 | MEDIUM | CVSS 4.9 | ≥ 3.12, < 3.12.14; v3.12 | 2025-01-07
[MEDIUM] CWE-770
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources.
cvelistv5, nvd
CVE-2024-45642 | MEDIUM | CVSS 5.3 | ≥ 3.12, < 3.12.12 | 2024-11-14
[MEDIUM] CWE-942
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
nvd
CVE-2024-45099 | MEDIUM | CVSS 4.8 | ≥ 3.12, < 3.12.12 | 2024-11-14
[LOW] CWE-79
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
nvd
CVE-2023-33860 | MEDIUM | CVSS 5.3 | v3.12 | 2024-07-10
[MEDIUM] CWE-614
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping t
cvelistv5, nvd
CVE-2023-35006 | MEDIUM | CVSS 5.4 | v3.12 | 2024-07-10
[MEDIUM] CWE-80
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
cvelistv5, nvd
CVE-2023-33859 | MEDIUM | CVSS 5.3 | v3.12 | 2024-07-10
[MEDIUM] CWE-204
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.
cvelistv5, nvd