IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.
CVE-2024-45636

4.1MEDIUM

Key Information:

Vendor

IBM
Status
Security Qradar Edr
Vendor
CVE Published:
11 June 2026

What is CVE-2024-45636?

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.

Affected Version(s)

Security QRadar EDR 3.12.0 <= 3.12.24

References

https://www.ibm.com/support/pages/node/7274828
vendor-advisorypatch

CVSS V3.1

Score:
4.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.