
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
IBM QRadar SIEM in some situations may not automatically log users out after they exceed their idle timeout (CVE-2021-38869). This vulnerability affects IBM QRadar SIEM version 7.5.0 prior to 7.5.0 UP1, version 7.3.3 prior to 7.3.3 FP11, and version 7.4.3 prior to 7.4.3 FP5 (IBM Security Bulletin).
The vulnerability has a CVSS base score of 4.3 with the vector CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L, indicating that physical access is required, attack complexity is low, and no privileges are needed. It affects session management functionality, specifically idle timeout enforcement (IBM Security Bulletin).
If a user's session remains active beyond the intended timeout period, this vulnerability could allow unauthorized access to the system, exposing sensitive information and system functionality to unauthorized users (IBM Security Bulletin).
IBM recommends customers update their systems to the following fixed versions: QRadar/QRM/QVM/QRIF/QNI 7.5.0 UP1 for 7.5.0 GA, QRadar/QRM/QVM/QRIF/QNI 7.4.3 FP5 for 7.4.3 versions, and QRadar/QRM/QVM/QRIF/QNI 7.3.3 FP11 for 7.3.3 versions. No workarounds are available (IBM Security Bulletin).
Source: This report was generated using AI