The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
CVE-ID: CVE-2016-2881 **
Description:IBM QRadar and Incident Forensics could allow a remote attacker to bypass security and gain access to application functionality by manipulating request parameters. **
CVSS Base Score: 6.5**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/112860 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
· IBM QRadar SIEM 7.2.n
· IBM QRadar SIEM 7.1.n
· IBM QRadar Incident Forensics 7.2.n