Cryptographic Weakness in IBM Security QRadar EDR Product
CVE-2025-36379

5.9MEDIUM

Key Information:

Vendor

IBM
Status
Security Qradar Edr
Vendor
CVE Published:
17 February 2026

What is CVE-2025-36379?

IBM Security QRadar EDR versions up to 3.12.23 utilize cryptographic algorithms that are weaker than necessary, exposing highly sensitive information to potential decryption by attackers. This vulnerability highlights the need for robust cryptographic practices to safeguard critical data.

Affected Version(s)

Security QRadar EDR 3.12 <= 3.12.23

References

https://www.ibm.com/support/pages/node/7260390
vendor-advisorypatch

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.