{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-45636", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2024-09-03T13:49:55.577Z", "datePublished": "2026-06-11T15:10:38.269Z", "dateUpdated": "2026-06-11T15:41:51.536Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-06-11T15:10:38.269Z"}, "title": "IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-256", "description": "CWE-256 Plaintext Storage of a Password", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Security QRadar EDR", "versions": [{"status": "affected", "version": "3.12.0", "lessThanOrEqual": "3.12.24", "versionType": "semver"}], "cpes": ["cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_qradar_edr:3.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_qradar_edr:3.12.24:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7274828", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 4.1, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "solutions": [{"lang": "en", "value": "IBM encourages customers to update their systems promptly.\n\nProductFix versionIBM Security QRadar EDR3.12.25\n\n\n\n\n\n\n\nThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\n\n\n\nTwo approval strategies are available:\n\n * Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\n * Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\n\n\n\n\nFor more information about the manual installation process, view\u00a0 Installing QRadar EDR https://www.ibm.com/docs/en/security-qradar-edr/3.12", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM encourages customers to update their systems promptly.</p><div><table><tbody><tr><td>Product</td><td>Fix version</td></tr><tr><td>IBM Security QRadar EDR</td><td>3.12.25</td></tr></tbody></table></div><p></p><p>The IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.</p><div><p>Two approval strategies are available:</p><ul><li>Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.</li><li>Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.</li></ul><p>For more information about the manual installation process, view&nbsp;<a href=\"https://www.ibm.com/docs/en/security-qradar-edr/3.12?topic=overview-whats-new-changed\" rel=\"noopener noreferrer nofollow\">Installing QRadar EDR</a></p></div>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-11T15:41:43.602422Z", "id": "CVE-2024-45636", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-11T15:41:51.536Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45636", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-11T15:41:43.602422Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-11T15:41:46.369Z"}}], "cna": {"title": "IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_qradar_edr:3.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_qradar_edr:3.12.24:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "Security QRadar EDR", "versions": [{"status": "affected", "version": "3.12.0", "versionType": "semver", "lessThanOrEqual": "3.12.24"}]}], "solutions": [{"lang": "en", "value": "IBM encourages customers to update their systems promptly.\n\nProductFix versionIBM Security QRadar EDR3.12.25\n\n\n\n\n\n\n\nThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\n\n\n\nTwo approval strategies are available:\n\n * Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\n * Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\n\n\n\n\nFor more information about the manual installation process, view\u00a0 Installing QRadar EDR https://www.ibm.com/docs/en/security-qradar-edr/3.12", "supportingMedia": [{"type": "text/html", "value": "<p>IBM encourages customers to update their systems promptly.</p><div><table><tbody><tr><td>Product</td><td>Fix version</td></tr><tr><td>IBM Security QRadar EDR</td><td>3.12.25</td></tr></tbody></table></div><p></p><p>The IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.</p><div><p>Two approval strategies are available:</p><ul><li>Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.</li><li>Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.</li></ul><p>For more information about the manual installation process, view&nbsp;<a href=\"https://www.ibm.com/docs/en/security-qradar-edr/3.12?topic=overview-whats-new-changed\" rel=\"noopener noreferrer nofollow\">Installing QRadar EDR</a></p></div>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7274828", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-256", "description": "CWE-256 Plaintext Storage of a Password"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-06-11T15:10:38.269Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45636", "state": "PUBLISHED", "dateUpdated": "2026-06-11T15:41:51.536Z", "dateReserved": "2024-09-03T13:49:55.577Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-06-11T15:10:38.269Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user."}], "id": "CVE-2024-45636", "lastModified": "2026-06-11T16:16:21.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-06-11T16:16:21.357", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7274828"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-256"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}