Qradar Edr
CVE-2025-36377
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
AnalysisAI
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system. [CVSS 6.3 MEDIUM]
Technical ContextAI
Classified as CWE-613 (Insufficient Session Expiration). Affects Qradar Edr. IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
More in Qradar Edr
View allSame weakness CWE-613 – Insufficient Session Expiration
View allShare
External POC / Exploit Code
Leaving vuln.today