CVE-2021-20400

HIGH

IBM QRadar SIEM <7.4 - Info Disclosure

Title source: llm

Description

IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074.

References (2)

[Patch, Vendor Advisory] https://www.ibm.com/support/pages/node/6520488

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/196074

Scores

CVSS v3 7.5

EPSS 0.0011

EPSS Percentile 29.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-326

Status published

Products (3)

ibm/qradar_security_information_and_event_manager 7.3.3 (10 CPE variants)

ibm/qradar_security_information_and_event_manager 7.4.3 (4 CPE variants)

ibm/qradar_security_information_and_event_manager 7.3.0 - 7.3.3

Published Dec 01, 2021

Tracked Since Feb 18, 2026