CVE-2025-36376
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
CVE-2024-45641
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation.
CVE-2023-33861
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client.
CVE-2024-45644
IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVE-2024-45643
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
CVE-2024-45638
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
CVE-2024-45654
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
CVE-2024-45640
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.
CVE-2024-45100
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources.