Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Qradar_user_behavior_analytics
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-28 | CVE-2022-36771 | IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791. | Qradar_user_behavior_analytics | 6.5 | ||
| 2021-05-14 | CVE-2021-20391 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999. | Qradar_user_behavior_analytics | 3.3 | ||
| 2021-05-14 | CVE-2021-20392 | IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | Qradar_user_behavior_analytics | 6.1 | ||
| 2021-05-14 | CVE-2021-20393 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001. | Qradar_user_behavior_analytics | 7.5 | ||
| 2021-05-14 | CVE-2021-20429 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334. | Qradar_user_behavior_analytics | 5.3 | ||
| 2021-08-02 | CVE-2021-29757 | IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168. | Qradar_user_behavior_analytics | 8.8 |