Information Disclosure Vulnerability in IBM QRadar SIEM
CVE-2024-56464

2.7LOW

Key Information:

Vendor: IBM
Status: IBM Qradar Siem
Vendor: CVE Published:; 9 December 2025

What is CVE-2024-56464?

An information disclosure vulnerability has been identified in IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01, resulting in unintended exposure of sensitive directory information. This flaw could potentially allow unauthorized individuals to gain access to critical system details, which may compromise the overall security posture of affected installations. IBM has released a security update to rectify this issue, and it is imperative for users to apply this update promptly to safeguard their systems from potential exploitation.

Affected Version(s)

IBM QRadar SIEM 7.5 <= 7.5.0 UP14 IF01

References

https://www.ibm.com/support/pages/node/7253664

vendor-advisorypatch

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 26, 2024

Credit

John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, and Dawid Bak from the IBM Security Ethical Hacking Team.

JSON