Description
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected products
- ibm / security_qradar_edr3.12 – 3.12
- ibm / security_qradar_edr3.12.0 – 3.12.0
- ibm / security_qradar_edr3.12.24 – 3.12.24