{"api_version":"1","generated_at":"2026-06-11T18:48:12+00:00","cve":"CVE-2024-45636","urls":{"html":"https://cve.report/CVE-2024-45636","api":"https://cve.report/api/cve/CVE-2024-45636.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-45636","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-45636"},"summary":{"title":"IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.","description":"IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.","state":"PUBLISHED","assigner":"ibm","published_at":"2026-06-11 16:16:21","updated_at":"2026-06-11 16:16:21"},"problem_types":["CWE-256","CWE-256 CWE-256 Plaintext Storage of a Password"],"metrics":[{"version":"3.1","source":"psirt@us.ibm.com","type":"Primary","score":"4.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"4.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","data":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":4.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://www.ibm.com/support/pages/node/7274828","name":"https://www.ibm.com/support/pages/node/7274828","refsource":"psirt@us.ibm.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-45636","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45636","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"IBM","product":"Security QRadar EDR","version":"affected 3.12.0 3.12.24 semver","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"IBM encourages customers to update their systems promptly.\n\nProductFix versionIBM Security QRadar EDR3.12.25\n\n\n\n\n\n\n\nThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\n\n\n\nTwo approval strategies are available:\n\n * Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\n * Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\n\n\n\n\nFor more information about the manual installation process, view  Installing QRadar EDR https://www.ibm.com/docs/en/security-qradar-edr/3.12","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*","cpe:2.3:a:ibm:security_qradar_edr:3.12.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:security_qradar_edr:3.12.24:*:*:*:*:*:*:*"],"product":"Security QRadar EDR","vendor":"IBM","versions":[{"lessThanOrEqual":"3.12.24","status":"affected","version":"3.12.0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.

"}],"value":"IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":4.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-256","description":"CWE-256 Plaintext Storage of a Password","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-11T15:10:38.269Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7274828"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"

IBM encourages customers to update their systems promptly.

ProductFix version
IBM Security QRadar EDR3.12.25

The IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.

Two approval strategies are available:

For more information about the manual installation process, view Installing QRadar EDR

"}],"value":"IBM encourages customers to update their systems promptly.\n\nProductFix versionIBM Security QRadar EDR3.12.25\n\n\n\n\n\n\n\nThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\n\n\n\nTwo approval strategies are available:\n\n * Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\n * Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\n\n\n\n\nFor more information about the manual installation process, view  Installing QRadar EDR https://www.ibm.com/docs/en/security-qradar-edr/3.12"}],"title":"IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.","x_generator":{"engine":"ibm-cvegen"}}},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2024-45636","datePublished":"2026-06-11T15:10:38.269Z","dateReserved":"2024-09-03T13:49:55.577Z","dateUpdated":"2026-06-11T15:10:38.269Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-11 16:16:21","lastModifiedDate":"2026-06-11 16:16:21","problem_types":["CWE-256","CWE-256 CWE-256 Plaintext Storage of a Password"],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.5,"impactScore":3.6}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"45636","Ordinal":"1","Title":"IBM Security QRadar EDR Software has a vulnerability where user ","CVE":"CVE-2024-45636","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"45636","Ordinal":"1","NoteData":"IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.","Type":"Description","Title":"IBM Security QRadar EDR Software has a vulnerability where user "}]}}}