Plain Text Credential Storage Vulnerability in IBM Security QRadar EDR
CVE-2024-45636

4.1MEDIUM

Key Information:

Vendor

IBM

Vendor
CVE Published:
11 June 2026

What is CVE-2024-45636?

A significant vulnerability has been identified in IBM Security QRadar EDR versions 3.12 through 3.12.24, which involves the storage of user credentials in plain text format. This flaw allows local privileged users to easily access sensitive credential information, potentially leading to unauthorized access and exploitation. Organizations utilizing the affected versions should take immediate action to mitigate this risk and ensure their security measures are reinforced. IBM has provided guidance and patches to address this issue.

Affected Version(s)

Security QRadar EDR 3.12.0 <= 3.12.24

References

CVSS V3.1

Score:
4.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.