Skip to main content

Qradar Wincollect

6 CVEs product

Monthly

CVE-2024-51461 MEDIUM This Month

IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Qradar Wincollect
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-51462 MEDIUM Monitor

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection IBM Qradar Wincollect
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-26279 HIGH PATCH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass IBM Qradar Wincollect
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38736 HIGH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Qradar Wincollect
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26278 HIGH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Qradar Wincollect
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-26277 HIGH This Week

IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Qradar Wincollect
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Qradar Wincollect
NVD
EPSS 0% CVSS 4.0
MEDIUM Monitor

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection IBM Qradar Wincollect
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass IBM Qradar Wincollect
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Qradar Wincollect
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Qradar Wincollect
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Qradar Wincollect
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy