IBM QRadar Incident Forensics is susceptible to a specially-crafted SQL statement attack.
CVE-ID: CVE-2015-1989
Description: IBM QRadar Incident Forensics is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Base Score: 6.5 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/103828 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
ยท IBM QRadar Incident Forensics 7.2.n
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 5
None