The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CVE-ID: CVE-2016-2877 **
Description:IBM QRadar could allow a local user to write files to certain web accessible directories due to incorrect privileges on those folders. **
CVSS Base Score: 4.0**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/112850 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
ยท IBM QRadar 7.2.n
ยท IBM QRadar 7.1.n
ยท QRadar / QRM / QVM / QRIF 7.2.7
ยท IBM QRadar SIEM 7.1 MR2 Patch 13
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security qradar siem | eq | 7.1 | |
ibm security qradar siem | eq | 7.2 |