Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM1B3DEFC9E5DBB4135267BC4D40637FF908E3F4001836ABF02E91BA08639CD2E7
HistoryJun 16, 2018 - 9:30 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to SSH key exposure. (CVE-2015-2008)

2018-06-1621:30:57
www.ibm.com
12

0.001 Low

EPSS

Percentile

38.7%

JSON

Summary

Exposing SSH private keys allows potential attackers to escalate privileges from console admin to root.

Vulnerability Details

VULNERABILITY DETAILS **
CVE-ID:CVE-2015-2008 **
Description:IBM QRadar SIEM stores private SSH keys in the backup which could allow a user with administrator access to gain sensitive information for use in future attacks. **
CVSS Base Score: 3.5
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/103920 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** AV:N/AC:M/Au:S/C:P/I:N/A:N

Affected Products and Versions

ยท IBM QRadar SIEM 7.2.n
ยท IBM QRadar SIEM 7.1.n

Remediation/Fixes

ยท IBM QRadar SIEM 7.2.6
ยท IBM QRadar SIEM 7.1 MR2 Patch 12

Workarounds and Mitigations

None

Related

cvelist 1
nvd 1
cve 1
prion 1
cvelist
cvelist
CVE-2015-2008
2016-02-15 02:00:00
nvd
nvd
CVE-2015-2008
2016-02-15 02:59:01
cve
cve
CVE-2015-2008
2016-02-15 02:59:01
prion
prion
Design/Logic Flaw
2016-02-15 02:59:00

0.001 Low

EPSS

Percentile

38.7%

JSON
Related for 1B3DEFC9E5DBB4135267BC4D40637FF908E3F4001836ABF02E91BA08639CD2E7
cvelist1nvd1cve1prion1