Lucene search
HistoryOct 04, 2015 - 2:59 a.m.
CVE-2015-2011
cve-2015-2011
ibm
qradar
siem
xmlrpc.cgi
command execution
remote code execution
nvd
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.
Affected configurations
Node
ibmqradar_security_information_and_event_managerMatch7.1.0
ORibmqradar_security_information_and_event_managerMatch7.2.0
ORibmqradar_security_information_and_event_managerMatch7.2.1
ORibmqradar_security_information_and_event_managerMatch7.2.2
ORibmqradar_security_information_and_event_managerMatch7.2.3
ORibmqradar_security_information_and_event_managerMatch7.2.4
Related
cvelist
cvelist
CVE-2015-2011
2015-10-04 01:00:00
nvd
nvd
CVE-2015-2011
2015-10-04 02:59:06
nessus
nessus
Webmin < 1.760 xmlrpc.cgi Cross Site Scripting Vulnerability
2018-03-22 00:00:00
ibm
ibm
prion
prion
Command injection
2015-10-04 02:59:00
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Related for CVE-2015-2011