PT-2025-44013 · IBM · IBM QRadar SIEM
Fahimhusain Raydurg · Published 2025-10-27 · Updated 2025-10-27 · CVE-2025-36170
CVSS v3.1: 6.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 13 Independent Fix 02
Description
IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is susceptible to stored cross-site scripting. An authenticated user can inject arbitrary JavaScript code into the Web UI, potentially modifying the intended functionality and leading to credentials disclosure within a trusted session. The vulnerability allows for the embedding of malicious scripts that can be executed when other users access the affected interface.
Recommendations
Update IBM QRadar SIEM to a version beyond 7.5.0 Update Pack 13 Independent Fix 02.
Fix
XSS
Affected Products
IBM QRadar SIEM