Signal Brief · Archived
Week of March 10, 2025
The Week's Public Record
Events
2025-03-14
vuln disclosure
IBM Security QRadar EDR Stores User Credentials in Plain TextCVE-2024-45638
CVE-2024-45638 is a vulnerability in IBM Security QRadar 3.12 EDR where user credentials are stored in plain text, allowing a local privileged user to read them. This could lead to unauthorized access to sensitive information. The vulnerability has a CVSS v3 base score of 4.4 (Medium).
2025-03-14
vuln disclosure
IBM Security QRadar EDR Uses Weak Cryptography Allowing Credential DecryptionCVE-2024-45643
CVE-2024-45643 is a vulnerability in IBM Security QRadar 3.12 EDR where weaker-than-expected cryptographic algorithms are used. This flaw could allow an attacker to decrypt sensitive credential information. The issue was published on 2025-03-14 with a CVSS v3 base score of 5.9 (Medium).
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.