Security Bulletin: IBM QRadar SIEM can be affected by Multiple Vulnerabilities in the IBM Java Runtime Environment. (CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931)

Summary

Several previously released versions of IBM QRadar SIEM, and IBM QRadar Incident Forensics are affected by multiple vulnerabilities reported in the IBM SDK Java Technology Edition Version 6 and 7.

Vulnerability Details

CVE-ID: CVE-2015-0478

Description: An unspecified vulnerability in Oracle Java SE and JRockit related to the JCE component could allow a remote attacker to obtain sensitive information.

CVSS Base Score: 4.3 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/102339 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

CVE-ID: CVE-2015-0488

Description: An unspecified vulnerability in Oracle Java SE and Jrockit related to the JSSE component could allow a remote attacker to cause a denial of service.

CVSS Base Score: 5.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/102336 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVE-ID: CVE-2015-1916

Description: Server applications which use the IBM Java Secure Socket Extension provider to accept SSL/TLS connections are vulnerable to a denial of service attack due to an unspecified vulnerability.

CVSS Base Score: 5.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/101995 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVE-ID: CVE-2015-2613

Description: An unspecified vulnerability and Java SE Embedded related to the JCE component could allow a remote attacker to obtain sensitive information.

CVSS Base Score: 5.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/104734 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVE-ID: CVE-2015-2601

Description: An unspecified vulnerability related to the JCE component could allow a remote attacker to obtain sensitive information.

CVSS Base Score: 5.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/104733 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVE-ID: CVE-2015-4749

Description: An unspecified vulnerability related to the JNDI component could allow a remote attacker to cause a denial of service.

CVSS Base Score: 4.3 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/104740 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

CVE-ID: CVE-2015-2625

Description: An unspecified vulnerability related to the JSSE component could allow a remote attacker to obtain sensitive information.

CVSS Base Score: 2.6 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/104743 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

CVE-ID: CVE-2015-1931

Description: IBM Java Security Components store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system.

CVSS Base Score: 2.1 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/102967 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Affected Products and Versions

· IBM QRadar SIEM 7.2.5 Patch 3 and earlier versions.

· IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 01 and earlier versions.

· IBM QRadar Incident Forensics 7.2.5 Patch 3 and earlier versions

Remediation/Fixes

· IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 3 Interim Fix 01

· IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 02

Workarounds and Mitigations

None