CVE-2013-5463

2013-11-2915:55:03

CWE-264

[email protected]

web.nvd.nist.gov

ibm

security

qradar

siem

vulnerability

bypass

access restrictions

remote attackers

nvd

cve-2013-5463

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.2%

JSON

The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by injecting a (1) DLL or (2) configuration file.

Affected configurations

NVD

Node

ibmqradar_security_information_and_event_managerRange≤7.1.0

ibmqradar_security_information_and_event_managerMatch7.0.0

ibmqradar_security_information_and_event_managerMatch7.0.1

CPENameOperatorVersion
ibm:qradar_security_information_and_event_manageribm qradar security information and event managerle7.1.0
ibm:qradar_security_information_and_event_manageribm qradar security information and event managereq7.0.0
ibm:qradar_security_information_and_event_manageribm qradar security information and event managereq7.0.1

CPE	Name	Operator	Version
ibm:qradar_security_information_and_event_manager	ibm qradar security information and event manager	le	7.1.0
ibm:qradar_security_information_and_event_manager	ibm qradar security information and event manager	eq	7.0.0
ibm:qradar_security_information_and_event_manager	ibm qradar security information and event manager	eq	7.0.1