CVE-2025-15051 - Vulnerability Details

- IBM QRadar SIEM Cross-Site Scripting

Description

IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality.

Published: 2026-03-19

Score: 5.4 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

IBM QRadar SIEM version 7.5.0 through Update Pack 14 contains a cross‑site scripting flaw that allows an attacker to embed arbitrary JavaScript code in the Web UI. When executed, the injected script runs in the victim’s browser, enabling the attacker to alter the interface’s intended functionality.

Affected Systems

Systems running IBM QRadar SIEM 7.5.0 that have not applied Update Pack 15 or newer are affected. The vulnerability exists in all update packs up through Update Pack 14 and is fixed in Update Pack 15. Users should verify that their instances no longer accept arbitrary script payloads in the Web UI.

Risk and Exploitability

The CVSS score of 5.4 indicates a moderate severity while the EPSS score of less than 1 % suggests a low likelihood of exploitation. The flaw is not listed in the CISA KEV catalog. The likely attack vector is via the unsecured web UI, requiring an attacker to supply a payload that is subsequently rendered in the browser. Even though the impact is confined to the client side, the vulnerability warrants timely patching.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

IBM

QRadar SIEM

unaffected

Version	Status	Constraints
`7.5.0`	affected	≤ 7.5.0 Update Pack 14

Configuration 1 [-]

AND

OR	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9::::::

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Ibm

Qradar Security Information And Event Manager

100%

Version	Status	Scheme	Platform
`[7.5.0,7.5.0 Update Pack 14]`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

Vendor Solution

ProductVersionFixIBM QRadar SIEM 7.5.0 7.5.0 UP15 https://www.ibm.com/support/fixcentral/swg/selectFixes ( Release Notes https://www.ibm.com/support/pages/node/7257011 )

OpenCVE Recommended Actions

Apply IBM QRadar SIEM 7.5.0 Update Pack 15 or a newer patch containing the fix.

Generated by OpenCVE AI on March 23, 2026 at 20:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00027.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://www.ibm.com/support/pages/node/7266709

History

Mon, 23 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9:::::: cpe:2.3:o:linux:linux_kernel:-:::::::*
Vendors & Products		Linux Linux linux Kernel

Thu, 19 Mar 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 19 Mar 2026 02:15:00 +0000

Type	Values Removed	Values Added
Description		IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality.
Title		IBM QRadar SIEM Cross-Site Scripting
First Time appeared		Ibm Ibm qradar Security Information And Event Manager
Weaknesses		CWE-79
CPEs		cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14::::::
Vendors & Products		Ibm Ibm qradar Security Information And Event Manager
References		https://www.ibm.com/support/pages/node/7266709
Metrics		cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}`

Subscriptions

Ibm Qradar Security Information And Event Manager

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-03-19T01:55:41.122Z

Updated: 2026-03-19T13:34:27.020Z

Reserved: 2025-12-23T14:26:31.855Z

Link: CVE-2025-15051

Vulnrichment

Updated: 2026-03-19T13:34:22.746Z

NVD

Status : Analyzed

Published: 2026-03-19T03:16:01.270

Modified: 2026-03-23T18:07:17.250

Link: CVE-2025-15051

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T11:55:29Z

Weaknesses

CWE-79

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object