Lucene search
IBM0023B42D6A17D5E359098B9141F98E1A4966EB98BC9DCEF1400330EE9F7556F9HistoryJun 16, 2018 - 9:30 p.m.
SECURITY BULLETIN: Webmin as used in IBM QRadar SIEM is vulnerable to Execute code as root. (CVE-2015-2011)
2018-06-1621:30:22
www.ibm.com
11
EPSS
0.002
Percentile
52.7%
Summary
The xmlrpc.cgi Webmin script allows arbitrary command execution and escalation of privileges.
Vulnerability Details
CVE-ID:CVE-2015-2011
**Description:**IBM QRadar could allow an authenticated user to execute code as root.
**CVSS Base Score:**8.5 **CVSS Temporal Score: **See https://exchange.xforce.ibmcloud.com/vulnerabilities/103922 for the current score **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:S/C:C/I:C/A:C
Affected Products and Versions
ยท IBM QRadar SIEM 7.2.x.
ยท IBM QRadar SIEM 7.1 MR2 Patch 1 to Patch 10
Remediation/Fixes
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 4
ยท IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 02
Workarounds and Mitigations
None
Related
prion
prion
Command injection
2015-10-04 02:59:00
nessus
nessus
Webmin < 1.760 xmlrpc.cgi Cross Site Scripting Vulnerability
2018-03-22 00:00:00
cve
cve
CVE-2015-2011
2015-10-04 02:59:06
cvelist
cvelist
CVE-2015-2011
2015-10-04 01:00:00
nvd
nvd
CVE-2015-2011
2015-10-04 02:59:06
EPSS
0.002
Percentile
52.7%
Related for 0023B42D6A17D5E359098B9141F98E1A4966EB98BC9DCEF1400330EE9F7556F9