Resilient security orchestration automation and response

This hub aggregates every CVE we track for Resilient security orchestration automation and response, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Security Productson-premsecurity product

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH5MEDIUM5

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 10 most recently published vulnerabilities affecting Resilient security orchestration automation and response.

CVE-2021-29802IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.7.5Aug 23, 2021
CVE-2021-29704IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.7.5Aug 23, 2021
CVE-2021-29780IBM Resilient OnPrem v41.1 of IBM Security SOAR could allow an authenticated user to perform actions that they should not have access to due to improper input validation. IBM X-Force ID: 203085.4.7Jul 19, 2021
CVE-2021-20567IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239.4.4Jun 16, 2021
CVE-2021-20566IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.7.5Jun 16, 2021
CVE-2020-4633IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation.8.8Dec 11, 2020
CVE-2020-4864IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.4.3Oct 29, 2020
CVE-2020-4636IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503.7.2Oct 16, 2020
CVE-2019-4579IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Forc...4.3Aug 28, 2020
CVE-2019-4533IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589.4.3Aug 28, 2020

Product normalization is registry-driven with AI assist and human review. How it works