Lucene search
IBM09C9192EBF27AAAAC2DF32548BC172BB77EE6342FAD9BEED23DEDC13F5CC63CFHistoryJun 16, 2018 - 9:44 p.m.
Security Bulletin: IBM QRadar SIEM is vulnerable to incorrect authorization. (CVE-2016-2874)
2018-06-1621:44:55
www.ibm.com
11
EPSS
0.001
Percentile
32.3%
Summary
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Vulnerability Details
CVE-ID: CVE-2016-2874 **
Description:IBM QRadar under some configurations allow product authorization rules to be bypassed allowing product users access to information that was not intended for them. **
CVSS Base Score: 3.1**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/112836 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products and Versions
ยท IBM QRadar 7.2.n
ยท IBM QRadar 7.1.n
Remediation/Fixes
ยท QRadar / QRM / QVM / QRIF 7.2.7
ยท IBM QRadar SIEM 7.1 MR2 Patch 13
Workarounds and Mitigations
None
Related
prion
prion
Authorization
2016-11-30 18:59:00
nvd
nvd
CVE-2016-2874
2016-11-30 18:59:03
cvelist
cvelist
CVE-2016-2874
2016-11-30 18:00:00
cve
cve
CVE-2016-2874
2016-11-30 18:59:03
EPSS
0.001
Percentile
32.3%
Related for 09C9192EBF27AAAAC2DF32548BC172BB77EE6342FAD9BEED23DEDC13F5CC63CF