Lucene search

K
ibmIBM1E4F1539C9222B2009668449A6C3CF794AB01AF3B3CFBC399634BBC90D409FE5
HistoryMar 05, 2019 - 6:10 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to Apache Tomcat Publicly disclosed vulnerability (CVE-2018-11784)

2019-03-0518:10:01
www.ibm.com
43

0.791 High

EPSS

Percentile

98.3%

Summary

Apache Tomcat Publicly disclosed vulnerability

Vulnerability Details

CVEID: CVE-2018-11784
**Description:**Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
**CVSS Base Score:**7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Affected Products and Versions

  • IBM QRadar SIEM 7.3.0 - 7.3.1 Patch 7

Remediation/Fixes

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq7.3