Metrics
Affected Vendors & Products
Solution
IBM encourages customers to update their systems promptly. Product Version Fix IBM QRadar SIEM 7.5.0 QRadar 7.5.0 UP13 QRadar Incident Forensics 7.5.0 QIF 7.5.0 UP13
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7241303 |
![]() ![]() |
Thu, 14 Aug 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9:*:*:*:*:*:* |
Fri, 01 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 01 Aug 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |
Title | IBM QRadar SIEM cross-site scripting | |
First Time appeared |
Ibm
Ibm qradar Security Information And Event Manager |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm qradar Security Information And Event Manager |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-08-01T17:34:02.243Z
Reserved: 2025-04-15T17:50:56.613Z
Link: CVE-2025-33118

Updated: 2025-08-01T17:33:54.576Z

Status : Analyzed
Published: 2025-08-01T18:15:51.797
Modified: 2025-08-14T18:49:42.193
Link: CVE-2025-33118

No data.

No data.