Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for qradar_advisor by ibm

    CVE-2024-49822 (GCVE-0-2024-49822)

    Vulnerability from nvd – Published: 2025-03-18 14:19 – Updated: 2025-09-01 01:04
    VLAI
    Title
    IBM QRadar Advisor server-side request forgery
    Summary
    IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7186424 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM QRadar Advisor with Watson Affected: 1.0.0 , ≤ 2.6.5 (semver)
        cpe:2.3:a:ibm:qradar_advisor_with_watson:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:qradar_advisor_with_watson:2.6.5:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49822",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T14:29:33.359432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T14:29:41.607Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:qradar_advisor_with_watson:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:qradar_advisor_with_watson:2.6.5:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "QRadar Advisor with Watson",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "2.6.5",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T01:04:44.637Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7186424"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM QRadar Advisor server-side request forgery",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-49822",
        "datePublished": "2025-03-18T14:19:44.773Z",
        "dateReserved": "2024-10-20T13:40:37.122Z",
        "dateUpdated": "2025-09-01T01:04:44.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-38896 (GCVE-0-2021-38896)

    Vulnerability from nvd – Published: 2021-10-20 18:35 – Updated: 2024-09-16 19:14
    VLAI
    Summary
    IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566.
    CWE
    • Cross-Site Scripting
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 2.5
    Affected: 2.6.1
    Create a notification for this product.
    Date Public
    2021-10-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:51:20.807Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6506461"
              },
              {
                "name": "ibm-qradar-cve202138896-xss (209566)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.6.1"
                }
              ]
            }
          ],
          "datePublic": "2021-10-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "CHANGED",
                "temporalScore": 5.8,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/PR:N/C:L/AV:N/I:L/S:C/AC:L/A:N/UI:R/E:H/RL:O/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-20T18:35:10.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6506461"
            },
            {
              "name": "ibm-qradar-cve202138896-xss (209566)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2021-10-19T00:00:00",
              "ID": "CVE-2021-38896",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "L",
                  "PR": "N",
                  "S": "C",
                  "UI": "R"
                },
                "TM": {
                  "E": "H",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6506461",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6506461 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/6506461"
                },
                {
                  "name": "ibm-qradar-cve202138896-xss (209566)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2021-38896",
        "datePublished": "2021-10-20T18:35:10.768Z",
        "dateReserved": "2021-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:14:48.706Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4672 (GCVE-0-2019-4672)

    Vulnerability from nvd – Published: 2020-02-25 13:55 – Updated: 2024-09-16 19:00
    VLAI
    Summary
    IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 1.1
    Affected: 2.5
    Create a notification for this product.
    Date Public
    2020-02-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:49.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/3379965"
              },
              {
                "name": "ibm-qradar-cve20194672-info-disc (171438)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                }
              ]
            }
          ],
          "datePublic": "2020-02-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.6,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/S:U/A:N/C:L/PR:N/UI:N/AV:N/I:N/AC:L/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-25T13:55:18.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/3379965"
            },
            {
              "name": "ibm-qradar-cve20194672-info-disc (171438)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-24T00:00:00",
              "ID": "CVE-2019-4672",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1"
                              },
                              {
                                "version_value": "2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/3379965",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 3379965 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/3379965"
                },
                {
                  "name": "ibm-qradar-cve20194672-info-disc (171438)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4672",
        "datePublished": "2020-02-25T13:55:18.453Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:00:26.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4557 (GCVE-0-2019-4557)

    Vulnerability from nvd – Published: 2020-02-25 13:55 – Updated: 2024-09-16 20:28
    VLAI
    Summary
    IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 1.1
    Affected: 2.5
    Create a notification for this product.
    Date Public
    2020-02-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:47.685Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/3379947"
              },
              {
                "name": "ibm-qradar-cve20194557-info-disc (166206)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                }
              ]
            }
          ],
          "datePublic": "2020-02-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.2,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AC:H/AV:N/UI:N/I:N/A:N/PR:N/C:H/S:U/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-25T13:55:17.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/3379947"
            },
            {
              "name": "ibm-qradar-cve20194557-info-disc (166206)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-24T00:00:00",
              "ID": "CVE-2019-4557",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1"
                              },
                              {
                                "version_value": "2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "N",
                  "C": "H",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/3379947",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 3379947 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/3379947"
                },
                {
                  "name": "ibm-qradar-cve20194557-info-disc (166206)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4557",
        "datePublished": "2020-02-25T13:55:18.036Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:28:10.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-49822 (GCVE-0-2024-49822)

    Vulnerability from cvelistv5 – Published: 2025-03-18 14:19 – Updated: 2025-09-01 01:04
    VLAI
    Title
    IBM QRadar Advisor server-side request forgery
    Summary
    IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7186424 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM QRadar Advisor with Watson Affected: 1.0.0 , ≤ 2.6.5 (semver)
        cpe:2.3:a:ibm:qradar_advisor_with_watson:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:qradar_advisor_with_watson:2.6.5:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49822",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T14:29:33.359432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T14:29:41.607Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:qradar_advisor_with_watson:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:qradar_advisor_with_watson:2.6.5:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "QRadar Advisor with Watson",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "2.6.5",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T01:04:44.637Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7186424"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM QRadar Advisor server-side request forgery",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-49822",
        "datePublished": "2025-03-18T14:19:44.773Z",
        "dateReserved": "2024-10-20T13:40:37.122Z",
        "dateUpdated": "2025-09-01T01:04:44.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-38896 (GCVE-0-2021-38896)

    Vulnerability from cvelistv5 – Published: 2021-10-20 18:35 – Updated: 2024-09-16 19:14
    VLAI
    Summary
    IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566.
    CWE
    • Cross-Site Scripting
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 2.5
    Affected: 2.6.1
    Create a notification for this product.
    Date Public
    2021-10-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:51:20.807Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6506461"
              },
              {
                "name": "ibm-qradar-cve202138896-xss (209566)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.6.1"
                }
              ]
            }
          ],
          "datePublic": "2021-10-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "CHANGED",
                "temporalScore": 5.8,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/PR:N/C:L/AV:N/I:L/S:C/AC:L/A:N/UI:R/E:H/RL:O/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-20T18:35:10.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6506461"
            },
            {
              "name": "ibm-qradar-cve202138896-xss (209566)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2021-10-19T00:00:00",
              "ID": "CVE-2021-38896",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "L",
                  "PR": "N",
                  "S": "C",
                  "UI": "R"
                },
                "TM": {
                  "E": "H",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6506461",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6506461 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/6506461"
                },
                {
                  "name": "ibm-qradar-cve202138896-xss (209566)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209566"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2021-38896",
        "datePublished": "2021-10-20T18:35:10.768Z",
        "dateReserved": "2021-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:14:48.706Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4672 (GCVE-0-2019-4672)

    Vulnerability from cvelistv5 – Published: 2020-02-25 13:55 – Updated: 2024-09-16 19:00
    VLAI
    Summary
    IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 1.1
    Affected: 2.5
    Create a notification for this product.
    Date Public
    2020-02-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:49.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/3379965"
              },
              {
                "name": "ibm-qradar-cve20194672-info-disc (171438)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                }
              ]
            }
          ],
          "datePublic": "2020-02-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.6,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/S:U/A:N/C:L/PR:N/UI:N/AV:N/I:N/AC:L/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-25T13:55:18.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/3379965"
            },
            {
              "name": "ibm-qradar-cve20194672-info-disc (171438)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-24T00:00:00",
              "ID": "CVE-2019-4672",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1"
                              },
                              {
                                "version_value": "2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/3379965",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 3379965 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/3379965"
                },
                {
                  "name": "ibm-qradar-cve20194672-info-disc (171438)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4672",
        "datePublished": "2020-02-25T13:55:18.453Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:00:26.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4557 (GCVE-0-2019-4557)

    Vulnerability from cvelistv5 – Published: 2020-02-25 13:55 – Updated: 2024-09-16 20:28
    VLAI
    Summary
    IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Qradar Advisor Affected: 1.1
    Affected: 2.5
    Create a notification for this product.
    Date Public
    2020-02-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:47.685Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/3379947"
              },
              {
                "name": "ibm-qradar-cve20194557-info-disc (166206)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Qradar Advisor",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                }
              ]
            }
          ],
          "datePublic": "2020-02-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.2,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AC:H/AV:N/UI:N/I:N/A:N/PR:N/C:H/S:U/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-25T13:55:17.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/3379947"
            },
            {
              "name": "ibm-qradar-cve20194557-info-disc (166206)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-24T00:00:00",
              "ID": "CVE-2019-4557",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Qradar Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1"
                              },
                              {
                                "version_value": "2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "N",
                  "C": "H",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/3379947",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 3379947 (Qradar Advisor)",
                  "url": "https://www.ibm.com/support/pages/node/3379947"
                },
                {
                  "name": "ibm-qradar-cve20194557-info-disc (166206)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166206"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4557",
        "datePublished": "2020-02-25T13:55:18.036Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:28:10.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }