Medium Severity

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to cacheable SSL pages (CVE-2021-20391)

Share this post:

User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to cacheable SSL pages.

CVE(s): CVE-2021-20391

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
QRadar User Behavior Analytics 1.0.0-4.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6453103
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195999

More stories

Security Bulletin: IBM Security Identity Manager Virtual Appliance deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager Virtual Appliance made code changes to remove the deprecated function and its associated Struts V1 code library. ...read more


Security Bulletin: IBM Security Identity Manager deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager made code changes to remove the deprecated function and its related Struts V1 code library. ...read more


Security Bulletin: IBM Resilient SOAR is vulnerable to command injection (CVE-2021-20527)

Jun 17, 2021 8:00 pm EDT | Medium Severity

It was possible for a privileged user to inject malicious commands that could be executed as another user. This issue has been addressed. ...read more