Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
IBM QRadar EDR: Session Expiration Bypass Allows User Impersonation
CVE-2025-36376
Summary
IBM QRadar EDR has a security issue that allows an authenticated user to pretend to be another user on the system after their session has expired. This could give the attacker access to sensitive information or actions. Update to the latest version of IBM QRadar EDR to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ibm | security_qradar_edr | > 3.12.0 , <= 3.12.24 | – |
Original title
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
Original description
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
nvd CVSS3.1
8.8
Vulnerability type
CWE-613
- https://www.ibm.com/support/pages/node/7260390 Vendor Advisory
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026