Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36771 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | N/A | 6.5 MEDIUM |
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791. | |||||
CVE-2021-29757 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168. | |||||
CVE-2021-20429 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334. | |||||
CVE-2021-20393 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001. | |||||
CVE-2021-20392 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2021-20391 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999. |