IBM QRadar SIEM is vulnerable to Server Side Request Forgery
CVEID:CVE-2020-4787
**DESCRIPTION:**IBM QRadar is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/189224 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L)
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1
IBM QRadar SIEM 7.4.0 to 7.4.1 Patch 1
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 5
QRadar / QRM / QVM 7.4.2 Patch 2
QRadar / QRM / QVM 7.4.1 Patch 2
QRadar / QRM / QVM 7.3.3 Patch 7
QRadar incident forensics please use the SFS below
QRadar Incident Forensics / QNI 7.4.2 Patch 2
QRadar Incident Forensics / QNI 7.4.1 Patch 2
QRadar Incident Forensics / QNI 7.3.3 Patch 7
None