Bohdan Korzhynskyi

#11010of 53,638
25Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2019-17090
5.4
2019-11-09
Ibm · Ibm Qradar · CVE-2019-4454
**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.3.0 through 7.3.2 Patch 4 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For IBM QRadar versions 7.3.0 through 7.3.2 Patch 4, consider disabling JavaScript execution in the Web UI as a temporary workaround until a patch is available. Restrict access to the Web UI to minimize the risk of exploitation.
PT-2019-17098
5.4
2019-11-09
Ibm · Ibm Qradar · CVE-2019-4470
**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.3.0 through 7.3.2 Patch 4 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For IBM QRadar versions 7.3.0 through 7.3.2 Patch 4, consider restricting access to the Web UI until a fix is available. As a temporary workaround, avoid using the Web UI for sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-16968
8.8
2019-07-25
Ibm · Ibm Qradar Siem · CVE-2019-4212
**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the website trusts. **Recommendations** For IBM QRadar SIEM versions 7.2 through 7.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-16967
5.4
2019-07-17
Ibm · Ibm Qradar Siem · CVE-2019-4211
**Name of the Vulnerable Software and Affected Versions** IBM QRadar SIEM versions 7.2 through 7.3 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For versions 7.2 and 7.3, update to a version that includes a fix for this issue to prevent cross-site scripting attacks.