CVE-2024-56462 - Vulnerability Details

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00046.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

IBM

QRadar

affected

Version	Status	Constraints
`7.5.0`	affected	≤ 7.5.0 UP15 Interim Fix 002

Configuration 1 [-]

OR	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13_interim_fix_01::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13_interim_fix_02::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14_interim_fix_01::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14_interim_fix_02::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15_interim_fix_01::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15_interim_fix_02::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9::::::

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Ibm Subscribe	Qradar Subscribe

Project Subscriptions

Vendors	Products
Ibm Subscribe	Qradar Subscribe Qradar Security Information And Event Manager Subscribe

Advisories

No advisories yet.

Fixes

Solution

IBM strongly encourages customers to update their systems promptly. ProductVersionFixIBM QRadar SIEM 7.5.0 7.5.0 UP15 IF03 https://www.ibm.com/support/fixcentral/swg/selectFix

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.ibm.com/support/pages/node/7273957

History

Fri, 05 Jun 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ibm qradar Security Information And Event Manager
Weaknesses		CWE-552
CPEs		cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_10:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_11:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13_interim_fix_01:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13_interim_fix_02:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14_interim_fix_01:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14_interim_fix_02:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15_interim_fix_01:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_15_interim_fix_02:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_8:::::: cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_9::::::
Vendors & Products		Ibm qradar Security Information And Event Manager

Wed, 27 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system.
Title		IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
First Time appeared		Ibm Ibm qradar
Weaknesses		CWE-530
CPEs		cpe:2.3:a:ibm:qradar:7.5.0:::::::* cpe:2.3:a:ibm:qradar:7.5.0up15:interim_fix_002::::::
Vendors & Products		Ibm Ibm qradar
References		https://www.ibm.com/support/pages/node/7273957
Metrics		cvssV3_1 `{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-05-27T13:50:26.588Z

Updated: 2026-05-27T14:48:10.590Z

Reserved: 2024-12-26T12:50:20.772Z

Link: CVE-2024-56462

Vulnrichment

Updated: 2026-05-27T14:48:06.866Z

NVD

Status : Analyzed

Published: 2026-05-27T14:16:41.417

Modified: 2026-06-05T18:57:53.623

Link: CVE-2024-56462

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T21:00:05Z

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object