IBM79B141AAF1C51913A9CB5960F462DFAB85217C7BAD6F6CB8BCD729FACEEEBD51

HistoryApr 12, 2021 - 10:48 p.m.

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

Vulners
Ibm
Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-1222:48:01

www.ibm.com

0.97 High

EPSS

Percentile

99.7%

JSON

Summary

Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

Vulnerability Details

CVEID:CVE-2021-3156
**DESCRIPTION:**Sudo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing command line arguments. By sending an “sudoedit -s” and a command-line argument that ends with a single backslash character, a local attacker could overflow a buffer and execute arbitrary code on the system with root privileges. This vulnerability is also known as Baron Samedit.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195658 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM QRadar 7.3.0 to 7.3.3 Patch 7

IBM QRadar 7.4.0 to 7.4.2 Patch 2

Remediation/Fixes

QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 7 IF2
QRadar / QRM / QVM / QRIF / QNI 7.4.2 Patch 3

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq7.3
ibm security qradar siemeq7.4

CPE	Name	Operator	Version
	ibm security qradar siem	eq	7.3
	ibm security qradar siem	eq	7.4

redhat 10

cisa 1

rapid7blog 2

nessus 43

alpinelinux 1

paloalto 1

almalinux 1

oraclelinux 4

openvas 21

cert 1

githubexploit 53

ics 6

osv 4

cisco 1

virtuozzo 2

metasploit 1

centos 1

f5 1

avleonov 1

altlinux 2

photon 2

ubuntucve 1

zdt 4

packetstorm 4

redos 3

ubuntu 1

debian 3

cloudlinux 1

cisa_kev 1

nvd 1

suse 1

fedora 2

cve 1

checkpoint_security 1

veracode 1

qualysblog 2

mageia 1

huawei 1

threatpost 2

redhatcve 1

amazon 2

prion 1

debiancve 1

freebsd 1

cvelist 1

slackware 1

exploitdb 1

redhat

(RHSA-2021:0218) Important: sudo security update

2021-01-26 18:53:36

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

(RHSA-2021:0222) Important: sudo security update

2021-01-26 18:59:36

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-02-05 19:30:43

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

nessus

OracleVM 3.4 : sudo (OVMSA-2021-0003)

2021-01-29 00:00:00

SUSE SLES12 Security Update : sudo (SUSE-SU-2021:1273-1)

2021-04-21 00:00:00

RHEL 7 : sudo (RHSA-2021:0226)

2021-01-27 00:00:00

alpinelinux

CVE-2021-3156

2021-01-26 21:15:12

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

almalinux

Important: sudo security update

2021-01-26 18:53:36

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

openvas

Debian: Security Advisory (DLA-2534-1)

2021-01-27 00:00:00

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-2170)

2021-07-07 00:00:00

Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Active Check

2021-01-27 00:00:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2022-03-18 00:05:48

Exploit for Off-by-one Error in Sudo Project Sudo

2021-03-19 14:06:09

Exploit for Off-by-one Error in Sudo Project Sudo

2022-03-04 13:06:51

ics

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Sensormatic Electronics VideoEdge

2021-05-27 12:00:00

osv

sudo vulnerability

2021-01-27 15:01:20

CVE-2021-3156

2021-01-26 21:15:12

sudo - security update

2021-01-26 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

centos

sudo security update

2021-01-27 00:11:23

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

zdt

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

packetstorm

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-795

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:34

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

nvd

CVE-2021-3156

2021-01-26 21:15:12

suse

Security update for sudo (important)

2021-04-23 00:00:00

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

cve

CVE-2021-3156

2021-01-26 21:15:12

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

threatpost

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

amazon

Important: sudo

2021-01-25 23:09:00

Important: sudo

2021-01-26 00:11:00

prion

Heap overflow

2021-01-26 21:15:00

debiancve

CVE-2021-3156

2021-01-26 21:15:12

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

cvelist

CVE-2021-3156

2021-01-26 00:00:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.97 High

EPSS

Percentile

99.7%

JSON

Related for 79B141AAF1C51913A9CB5960F462DFAB85217C7BAD6F6CB8BCD729FACEEEBD51