Product Component Number Description

QRADAR SECURITY BULLETIN CVE-2018-2579 Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center

QRADAR SECURITY BULLETIN CVE-2013-1768 OpenJPA as used in IBM QRadar SIEM is vulnerable to remote code execution

QRADAR SECURITY BULLETIN CVE-2017-1695 IBM QRadar SIEM uses outdated hash algorithms

QRADAR SECURITY BULLETIN CVE-2017-3736 Security vulnerability in OpenSSL

QRADAR SECURITY BULLETIN CVE-2018-2579 Rational Build Forge Security Advisory for Apache Tomcat

QRADAR USER INTERFACE IJ05185 UNABLE TO EDIT QRADAR LDAP CONFIGURATION AFTER A PREVIOUSLY MAPPED USER ROLE OR SECURITY PROFILE IS DELETED

QRADAR USER INTERFACE IV97787 THE QRADAR ASSET TAB CAN BE SLOW TO LOAD WHEN THERE ARE A LARGE NUMBER OF ASSET VULNERABILITY INSTANCES

QRADAR SEARCHES IJ06611 POP UP WINDOW WITH NO SEARCH RESULTS WHEN DRILLING DOWN INTO SEARCH RESULTS

QRADAR SEARCHES IJ05806 SOME LOG ACTIVITY SEARCHES STOP RETURNING RESULTS FROM LOG SOURCE GROUPS AFTER PATCH/UPGRADE TO QRADAR 7.3.1

QRADAR REPORTS IJ06278 RUNNING A LOG SOURCE REPORT AGAINST AN EMPTY LOG SOURCE GROUP RETURNS ALL LOG SOURCES

QRADAR REPORTS IJ05341 'EXPORT TO XML' OR 'EXPORT TO CSV' FROM THE QRADAR ASSETS TAB CAN SOMETIMES UNEXPECTEDLY STOP/FAIL

QRADAR SEARCHES IJ04906 USING THE RIGHT-CLICK FILTER 'SOURCE OR DESTINATION IP IS...' IN A LOG ACTIVITY SEARCH DOES NOT WORK AS EXPECTED

QRADAR SEARCHES IJ03405 AQL SEARCHES THAT OPEN THE LOG ACTIVITY PAGE AFTER COMPLETING CAN DISPLAY UNEXPECTED HTML CHARACTERS

QRADAR SEARCHES IJ00489 COMMAS ARE SWITCHED TO 'OR' WHEN MULTIPLE CUSTOM EVENT PROPERTIES ARE CONTAINED IN A SEARCH

QRADAR OFFENSES IV99417 OFFENSE START TIMES CAN JUMP BACK IN TIME IF CUSTOMER HAS LONG RUNNING OFFENSES AND LONG DELAY BETWEEN START AND STORAGE TIME.

QRADAR SEARCHES IV85637 TOP SOURCES AND TOP DESTINATION DASHBOARD SEARCHES REPORT DATA FROM ALL DOMAINS NOT JUST THE CONFIGURED ONES

QRADAR FLOWS IV84601 CATEGORIZATION OF OFF-SITE SOURCE AND TARGET FOR FLOWS DISPLAYS AS 'UNKNOWN' AND APPLICATION DISPLAYS AS 'OTHER'

QRADAR EVENTS IJ06381 EVENTS FORWARDED VIA AN OFFENSE RULE DO NOT HAVE A VALID SYSLOG HEADER APPENDED

QRADAR EVENTS IJ05338 EVENT COLLECTION CAN STOP DUE TO A BUFFER UNDERFLOW EXCEPTION IN ECS-EC REQUIRING AN ECS-EC-INGRESS SERVICE RESTART

QRADAR LOG SOURCES IJ04654 LOGFILE PROTOCOL LOG SOURCES CAN STOP WORKING, FAIL TO CONNECT WITH ERROR 'ALGORITHM NEGOTIATION FAIL' IN CONFIG WINDOW

QRADAR OFFENSES IJ04225 USING THE QRADAR API "GET /SIEM/OFFENSE" TO RETRIEVE A LIST OF OFFENSES CAN TAKE LONGER THAN EXPECTED TO COMPLETE

QRADAR LICENSES IJ02819 '...SENT A TOTAL OF XXXX EVENT(S) DIRECTLY STORAGE...QUEUE IS AT 0 PERCENT CAPACITY" DURING OVER LICENSE EPS SPIKES

QRADAR OFFENSES IJ00971 AN APPLICATION ERROR MAY OCCUR IN THE OFFENSE TAB WHEN THE END TIME FOR AN OFFENSE IS IN THE FUTURE

QRADAR CUSTOM EVENTS IJ00878 CUSTOM EVENT PROPERTY WITH SPACE IN ITS NAME IS NOT FORWARDED TO THE DESTINATION

QRADAR SEARCHES IJ05096 QUICK SEARCHES CONTAINING AN 'AND' OPERATOR CAN SOMETIMES FAIL TO PROGRESS TO COMPLETION

QRADAR LICENSES IJ03439 CLICKING THE 'SUSPECT CONTENT' ICON DISPLAYS A BLANK PAGE WHEN NO APPROPRIATE LICENSE IS INSTALLED/CONFIGURED

QRADAR NETWORK INSIGHTS TRAFFIC IJ01001 QNI CLASSIFIES LDAP TRAFFIC AS FTP TRAFFIC

QRADAR FLOWS IJ02836 NO FLOWS BEING RECEIVED FROM A QFLOW APPLIANCE

QRADAR DATABASE IJ04314 QRADAR DATABASE REPLICATION TO MANAGED HOSTS CAN FAIL WHEN THE CONSOLE /STORETMP HAS INSUFFICIENT FREE SPACE AVAILABLE

QRADAR DATA IJ03316 DATA BACKUPS FAIL WHEN EVENT/FLOW LOG HASHING IS ENABLED

QRADAR LOG SOURCES IJ02749 'TARGET EXTERNAL DESTINATIONS' BECOMES UNSELECTED AFTER PERFORMING A 'BULK EDIT' OF LOG SOURCES

QRADAR RULES IJ02262 RULES IMPORTED FROM A SYSTEM WITH CONFIGURED DOMAINS TO A SYSTEM WITHOUT DOMAINS CAN SEE REFERENCE SET DATA ISSUES

QRADAR UPGRADE IJ06277 UPGRADE TO 7.3.X FAILS AND PROMPTS FOR REDHAT ISO WHEN /VAR/LOG/INSTALL.LOG IS MISSING

QRADAR UPGRADES IJ05311 GARP REQUEST DURING HA_SETUP.SH CAN SOMETIMES BE BLOCKED BY A NETWORK SWITCH PREVENTING ARP TABLES FROM BEING UPDATED

QRADAR UPGRADES IJ05110 A FAILED AND ROLLED BACK PATCH ATTEMPT FROM 7.3.0.X TO 7.3.1.X CAN CAUSE ISSUES WHEN ATTEMPTING TO PATCH AGAIN

QRADAR UPGRADES IJ04472 RECOVERY REINSTALL ON A HIGH AVAILABILITY PRIMARY CAN FAIL DISPLAYING AS 'UNKNOWN' STATE IN SYSTEM AND LICENSE WINDOW

QRADAR UPGRADES IJ03981 QRADAR UPGRADE AND/OR PATCH FAILS WITH 'ERROR EXECUTING 34-POSTGRESQL-UPGRADE.SH' WHEN UNEXPECTED DATABASE EXIST

QRADAR UPGRADES IJ00104 QRADAR UPGRADE TO 7.3.0.X CAN FAIL "...GENERATE_ENVIRONMENT.SH: OPTION REQUIRES AN ARGUMENT -- N"

QRADAR APPLIANCES IJ05193 SOME QRADAR SOFTWARE APPLIANCES ARE NOT ABLE TO ADD A QVM SCANNER IN THE QRADAR USER INTERFACE

QRADAR SECURITY IJ01123 Q1X509TRUSTMANAGER LEAKS FILE HANDLES IF THERE IS A TRUST STORE IN /OPT/QRADAR/CONF/TRUSTED_CERTIFICATES

QRADAR DEVICES IJ02635 'APPLICATION ERROR' WHEN PERFORMING A NORMALIZED DEVICE COMPARISON FOR A PALO ALTO DEVICE

QRADAR VULNERABILITY MANAGER SCANS IJ06302 SCAN EXPORT DOES NOT HONOR SPECIFIED VULNERABILITIES THAT ARE CONFIGURED IN THE SCAN POLICY

QRADAR VULNERABILITY MANAGER DOMAINS IJ01180 INTERACTION WITH IBM BIGFIX AND QVM CAN FAIL WHEN DOMAIN AUTHENTICATION IS USED

QRADAR VULNERABILITY MANAGER ASSETS IJ00941 EXCEPTIONED VULNERABILITIES ARE STILL APPEARING IN MANAGE VULNERABILITY VIEW FOR SOME ASSETS

QRADAR EVENTS IJ02457 UNPARSED CRE EVENTS CONTAINING 'WHERE CATEGORY BETWEEN..." OBSERVED WHEN USER BEHAVIOR ANALYTICS (UBA) APP INSTALLED

QRADAR REPORTS IJ04421 REPORTS CAN FAIL TO RUN WHEN EVENT AND/OR FLOW HASHING WITH HMAC IS ENABLED IN ARIEL DATABASE SETTINGS

QRADAR LOGS IV98932 /VAR/LOG/ PARTITION CAN BECOME FILLED DUE TO REPEATED TEST EXCEPTION MESSAGES BEING LOGGED

QRADAR SCANS IV97516 'WHEN THE DESTINATION IS VULNERABLE TO CURRENT EXPLOIT ON ANY PORT' RULE TEST STOPS WORKING AFTER VULNERABILITY SCAN

QRADAR USER INTERFACE IJ06084 SETTING A DELEGATED ADMINISTRATION PERMISSION FOR 'MANAGE REFERECE DATA' ONLY DOES NOT ALLOW ACCESS TO ADMIN TAB

QRADAR API IJ06032 CHANGES MADE WITHIN THE INCLUDED QRADAR API CHANGED HOW SOME QRADAR APPS FETCH DATA (EG. USER BEHAVIOR ANALYTICS - UBA)

QRADAR SEARCHES IJ05712 QRADAR REFERENCE SET DATA FILTER SEARCHES (MANUAL AND WITHIN SOME APPS) CAN TAKE LONGER THAN EXPECTED TO COMPLETE

QRADAR SEARCHES IJ05109 USING A FILTER CONTAINING A COMMA OPERATOR IN THE REGEX DOES NOT WORK WITH 'WHEN THE EVENT MATCHES THIS SEARCH FILTER' RUL

QRADAR EVENTS IJ04903 'THIS INFORMATION SHOULD SET OR REPLACE THE NAME OF THE ASSOCIATED OFFENSE' NOT ALWAYS WORKING AS EXPECTED

QRADAR SEARCHES IJ03209 'ADD' BUTTON DOES NOT WORK WHEN AN 'EQUALS ANY OF' CONDITION IS PRESENT WITHIN THE RULE WIZARD WITH MORE THAN ONE PROPERTY

QRADAR RULES IJ02670 RULE TEST 'AND WHEN THE URL (CUSTOM) IS CATEGORIZED BY X-FORCE AS ONE OF THE FOLLOWING CATEGORIES' CAN SOMETIMES FAIL TO FIRE

QRADAR REFERENCE SETS IJ02533 ERROR 'JAVA.LANG.NUMBERFORMATEXCEPTION:EMPTY STRING' IS GENERATED WHEN ATTEMPTING TO ADD REFERENCE SET VALUES

QRADAR RULES IJ02437 BUILDING BLOCKS CAN FAIL TO WORK AS EXPECTED WHILE RULES ARE BEING RELOADED

QRADAR RULES IJ00772 REGULAR EXPRESSIONS IN THE RULE EDITOR DO NOT WORK WITH JAPANESE CHARACTORS

QRADAR SERVICES IJ02782 REQUIRED SERVICES RESTART IS NOT PERFORMED AFTER SWITCH FROM DAYLIGHT SAVING TIME TO STANDARD TIME

QRADAR USER INTERFACE IJ07150 REPORT GROUPS ARE SOMETIMES NOT SHAREABLE FROM AN ADMIN TO A NON-ADMIN USER

QRADAR INCIDENT FORENSICS FORENSICS DECAPPER IJ07872 QRADAR NETWORK INSIGHTS STOPS PROCESSING FLOWS, PACKETS DROPPED BY THE DECAPPER

QRADAR SECURITY IJ06000 UNEXPECTED DIVIDE BY ZERO EXCEPTION