Risk
The risk category contains events that are related to IBM QRadar Risk Manager.
The following table describes the low-level event categories and associated severity levels for the risk category.
| Low-level event category | Category ID | Description | Severity level (0 - 10) |
|---|---|---|---|
| Policy Exposure | 20001 | Indicates that a policy exposure was detected. | 5 |
| Compliance Violation | 20002 | Indicates that a compliance violation was detected. | 5 |
| Exposed Vulnerability | 20003 | Indicates that the network or device has an exposed vulnerability. | 9 |
| Remote Access Vulnerability | 20004 | Indicates that the network or device has a remote access vulnerability. | 9 |
| Local Access Vulnerability | 20005 | Indicates that the network or device has local access vulnerability. | 7 |
| Open Wireless Access | 20006 | Indicates that the network or device has open wireless access. | 5 |
| Weak Encryption | 20007 | Indicates that the host or device has weak encryption. | 5 |
| Un-Encrypted Data Transfer | 20008 | Indicates that a host or device is transmitting data that is not encrypted. | 3 |
| Un-Encrypted Data Store | 20009 | Indicates that the data store is not encrypted. | 3 |
| Mis-Configured Rule | 20010 | Indicates that a rule is not configured properly. | 3 |
| Mis-Configured Device | 20011 | Indicates that a device on the network is not configured properly. | 3 |
| Mis-Configured Host | 20012 | Indicates that a network host is not configured properly. | 3 |
| Data Loss Possible | 20013 | Indicates that the possibility of data loss was detected. | 5 |
| Weak Authentication | 20014 | Indicates that a host or device is susceptible to fraud. | 5 |
| No Password | 20015 | Indicates that no password exists. | 7 |
| Fraud | 20016 | Indicates that a host or device is susceptible to fraud. | 7 |
| Possible DoS Target | 20017 | Indicates a host or device is a possible DoS target. | 3 |
| Possible DoS Weakness | 20018 | Indicates a host or device has a possible DoS weakness. | 3 |
| Loss of Confidentiality | 20019 | Indicates that a loss of confidentially was detected. | 5 |
| Policy Monitor Risk Score Accumulation | 20020 | Indicates that a policy monitor risk score accumulation was detected. | 1 |