Security Qradar Edr
CVE-2024-45644
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
AnalysisAI
IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Affected products include: Ibm Security Qradar Edr.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.
More in Security Qradar Edr
View allIBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication pat
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate val
Security Qradar Edr versions up to 3.12.23 is affected by insufficient session expiration (CVSS 6.3).
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.3), this vulnerability is
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileg
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user. Rated m
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration r
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today