IBM Qradar User Behavior Analytics
By the Year
In 2024 there have been 0 vulnerabilities in IBM Qradar User Behavior Analytics . Qradar User Behavior Analytics did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 6.50 |
2021 | 5 | 6.20 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Qradar User Behavior Analytics vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Qradar User Behavior Analytics Security Vulnerabilities
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from
CVE-2022-36771
6.5 - Medium
- September 28, 2022
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.
IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2021-29757
8.8 - High
- August 02, 2021
IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168.
Session Riding
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy
CVE-2021-20429
5.3 - Medium
- May 14, 2021
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.
AuthZ
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could
CVE-2021-20393
7.5 - High
- May 14, 2021
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001.
Generation of Error Message Containing Sensitive Information
IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting
CVE-2021-20392
6.1 - Medium
- May 14, 2021
IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0
CVE-2021-20391
3.3 - Low
- May 14, 2021
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.
Insecure Storage of Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Qradar User Behavior Analytics or by IBM? Click the Watch button to subscribe.