Security Bulletin: IBM QRadar SIEM is vulnerable to clear text passwords. (CVE-2016-2871)

Summary

Some passwords in IBM QRadar SIEM were found in configuration files in clear text.

Vulnerability Details

CVE-ID: CVE-2016-2871 **Description:**IBM QRadar stores passwords in clear text in configuration files, that could allow a local user to obtain critical sensitive information and gain access to the system and possibly other systems. **CVSS Base Score:**6.5 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/112807 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Products and Versions

· IBM QRadar 7.2.n

· IBM QRadar 7.1.n

Remediation/Fixes

· QRadar / QRM / QVM / QRIF 7.2.7

· IBM QRadar SIEM 7.1 MR2 Patch 13

Workarounds and Mitigations

None