Lucene search
IBM74B02D5A2FA9CF0BCD9FA9CABDEDA92416FB0F0884F8A99036DF9F409F0A754EHistoryJun 16, 2018 - 9:30 p.m.
Security Bulletin: IBM QRadar SIEM is vulnerable to shell command injection vulnerability in the admin panel. (CVE-2015-4930, CVE-2015-2016 )
2018-06-1621:30:22
www.ibm.com
14
EPSS
0.003
Percentile
66.1%
Summary
IBM QRadar SIEM is vulnerable to a shell command injection the in admin panel if logged in as an admin user.
Vulnerability Details
CVE-ID:CVE-2015-4930
**
Description:IBM QRadar could allow a user authenticated with admin access, to execute commands on the server as root. **
CVSS Base Score:8.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104118 for the current score**
CVSS Environmental Score:*Undefined
CVSS Vector:**AV:N/AC:M/Au:S/C:C/I:C/A:C
Affected Products and Versions
ยท IBM QRadar SIEM 7.2.x.
ยท IBM QRadar SIEM 7.1 MR2 Patch 1 - Patch 10.
Remediation/Fixes
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 4
ยท IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 02
Workarounds and Mitigations
None
Related
cve
cve
CVE-2015-4930
2015-10-04 02:59:16
CVE-2015-2016
2015-10-04 02:59:07
prion
prion
Command injection
2015-10-04 02:59:00
Code injection
2015-10-04 02:59:00
nvd
nvd
CVE-2015-4930
2015-10-04 02:59:16
CVE-2015-2016
2015-10-04 02:59:07
cvelist
cvelist
CVE-2015-4930
2015-10-04 01:00:00
CVE-2015-2016
2015-10-04 01:00:00
EPSS
0.003
Percentile
66.1%
Related for 74B02D5A2FA9CF0BCD9FA9CABDEDA92416FB0F0884F8A99036DF9F409F0A754E