History: Jun 16, 2018 - 9:43 p.m.

Security Bulletin: IBM QRadar SIEM and Incident Forensics are vulnerable to a path traversal attack. (CVE-2016-2872)

2018-06-16 21:43:51
www.ibm.com
EPSS: 0.002
Percentile: 55.1%

Summary

Vulnerabilities found in both QRadar SIEM and Incident Forensics allow for path traversal via improperly handled parameters.

Vulnerability Details

CVE-ID: CVE-2016-2872
Description: IBM QRadar could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to view arbitrary files on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112808 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products and Versions

· IBM QRadar SIEM 7.2.n

· IBM QRadar Incident Forensics 7.2.n

Remediation/Fixes

· QRadar / QRM / QVM / QRIF 7.2.7

Workarounds and Mitigations

None
