Skip to main content

Qradar User Behavior Analytics

6 CVEs product

Monthly

CVE-2022-36771 MEDIUM PATCH This Month

IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass IBM Qradar User Behavior Analytics
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-29757 HIGH PATCH This Week

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Qradar User Behavior Analytics
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-20429 MEDIUM This Month

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Qradar User Behavior Analytics
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-20393 HIGH This Week

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Qradar User Behavior Analytics
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-20392 MEDIUM This Month

IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Qradar User Behavior Analytics
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-20391 LOW Monitor

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Qradar User Behavior Analytics
NVD
CVSS 3.1
3.3
EPSS
0.2%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass IBM Qradar User Behavior Analytics
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Qradar User Behavior Analytics
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Qradar User Behavior Analytics
NVD
EPSS 1% CVSS 7.5
HIGH This Week

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Qradar User Behavior Analytics
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Qradar User Behavior Analytics
NVD
EPSS 0% CVSS 3.3
LOW Monitor

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Qradar User Behavior Analytics
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy