Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-33120

Опубликовано: 22 авг. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_1:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_10:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_11:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_12:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_13:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_2:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_3:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_4:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_5:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_6:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_7:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_8:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_incident_forensics:7.5.0:update_pack_9:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9:*:*:*:*:*:*

EPSS

Процентиль: 1%
0.00011
Низкий

7.8 High

CVSS3

Дефекты

CWE-250

Связанные уязвимости

github логотип

GHSA-67f9-x324-v6v2

CVSS3: 7.8
github
6 месяцев назад

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

EPSS

Процентиль: 1%
0.00011
Низкий

7.8 High

CVSS3

Дефекты

CWE-250