// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRF-01DTG 0600Z
ColdRecon / Brief Archive / Week of March 10, 2025
Signal Brief · Archived

Week of March 10, 2025

2025-03-10 — 2025-03-16 · 2 PUBLIC EVENTS · GENERAL / NON-PERSONALIZED

In the week of March 10, 2025, ColdRecon logged 2 public endpoint-security events from open-source reporting — 2 vuln disclosures. Vendors in the record this week: IBM.

The Week's Public Record

Events

2025-03-14
vuln disclosure
IBM Security QRadar EDR Stores User Credentials in Plain TextCVE-2024-45638
CVE-2024-45638 is a vulnerability in IBM Security QRadar 3.12 EDR where user credentials are stored in plain text, allowing a local privileged user to read them. This could lead to unauthorized access to sensitive information. The vulnerability has a CVSS v3 base score of 4.4 (Medium).
2025-03-14
vuln disclosure
IBM Security QRadar EDR Uses Weak Cryptography Allowing Credential DecryptionCVE-2024-45643
CVE-2024-45643 is a vulnerability in IBM Security QRadar 3.12 EDR where weaker-than-expected cryptographic algorithms are used. This flaw could allow an attacker to decrypt sensitive credential information. The issue was published on 2025-03-14 with a CVSS v3 base score of 5.9 (Medium).
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.

This is last week, public. Get this morning's, written for you.

The live ColdRecon brief lands at 0600 daily — the same signal, filtered to your competitors and framed for your deals. Request clearance and tomorrow's is yours.

Request Clearance →