CVE Catalog
CVE-2024-45636
MediumCVSS 4.1Exploitation Probability (EPSS)
Low risk0.12%
2th percentile — higher than 2% of all known CVEs
Summary
IBM Security QRadar EDR versions 3.12 through 3.12.24 store user credentials in plain text, which can be read by a local privileged user.
Risk Assessment
Storing passwords in plain text poses a risk of unauthorized access to the system by local privileged users, potentially leading to serious security breaches.
Recommendation
It is recommended to upgrade to the latest version of IBM Security QRadar EDR that improves the way credentials are stored.
Original NVD description (English source)
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.

