The xmlrpc.cgi Webmin script allows arbitrary command execution and escalation of privileges.
CVE-ID:CVE-2015-2011
**Description:**IBM QRadar could allow an authenticated user to execute code as root.
**CVSS Base Score:**8.5 **CVSS Temporal Score: **See https://exchange.xforce.ibmcloud.com/vulnerabilities/103922 for the current score **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:S/C:C/I:C/A:C
ยท IBM QRadar SIEM 7.2.x.
ยท IBM QRadar SIEM 7.1 MR2 Patch 1 to Patch 10
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 4
ยท IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 02
None