CVSS v2 base score: 7.5 (High)

Metric | Value
---|---
Access Vector | NETWORK
Access Complexity | LOW
Authentication | NONE
Confidentiality Impact | PARTIAL
Integrity Impact | PARTIAL
Availability Impact | PARTIAL
Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P
IBM QRadar Security Information and Event Manager (SIEM) 7.1 MR2 and 7.2 MR2 use Apache Xalan-Java, which contains a vulnerability.
CVE ID: CVE-2014-0107

DESCRIPTION: The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.

CVSS:
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/92023 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
The recommended solution is to apply the fix for each named product as soon as practical. Please see below for information about the fixes available.
For QRadar SIEM 7.1 MR2:
- Upgrade to QRadar SIEM 7.1 MR2 Patch 7 - 7.1.0-QRADAR-QRSIEM-880308
For QRadar SIEM 7.2 MR2:
- Upgrade to QRadar SIEM 7.2 MR2 Patch 3 - 7.2.2-QRADAR-QRSIEM-882822
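As an added example (not code from the IBM bulletin or the Xalan project), the following Java checks whether the Xalan-Java on the classpath already carries the 2.7.2 fix named in the description, and builds a TransformerFactory with JAXP secure processing plus external DTD and stylesheet access disabled as defence in depth. The class and method names are my own; `org.apache.xalan.Version` is Xalan's real version class, resolved reflectively so the code compiles without xalan.jar.

```java
import javax.xml.XMLConstants;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerFactory;

/** Added example for CVE-2014-0107: version gate plus hardened factory. */
public final class XalanHardening {

    /** First Xalan-Java release with the fix (2.7.2), per the advisory text. */
    static final int FIXED_MAJOR = 2, FIXED_RELEASE = 7, FIXED_MAINT = 2;

    /** True when the Xalan on the classpath reports 2.7.2 or newer. */
    public static boolean xalanHasFix() {
        try {
            Class<?> v = Class.forName("org.apache.xalan.Version");
            int major = (Integer) v.getMethod("getMajorVersionNum").invoke(null);
            int release = (Integer) v.getMethod("getReleaseVersionNum").invoke(null);
            int maint = (Integer) v.getMethod("getMaintenanceVersionNum").invoke(null);
            return isAtLeastFixed(major, release, maint);
        } catch (ReflectiveOperationException e) {
            // Xalan absent or its Version class unreadable: treat as unpatched.
            return false;
        }
    }

    /** Lexicographic compare of (major, release, maintenance) against 2.7.2. */
    static boolean isAtLeastFixed(int major, int release, int maint) {
        if (major != FIXED_MAJOR) return major > FIXED_MAJOR;
        if (release != FIXED_RELEASE) return release > FIXED_RELEASE;
        return maint >= FIXED_MAINT;
    }

    /** Factory with secure processing on and external resource access off. */
    public static TransformerFactory hardenedFactory() throws TransformerConfigurationException {
        TransformerFactory tf = TransformerFactory.newInstance();
        // FEATURE_SECURE_PROCESSING is exactly what Xalan < 2.7.2 fails to honour,
        // so enabling it is necessary but not sufficient: the version gate above
        // (or the product patches) is the actual fix.
        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // JAXP 1.5 attributes (Java 7+): an empty protocol list forbids all fetches.
        for (String attr : new String[] {
                XMLConstants.ACCESS_EXTERNAL_DTD, XMLConstants.ACCESS_EXTERNAL_STYLESHEET}) {
            try {
                tf.setAttribute(attr, "");
            } catch (IllegalArgumentException e) {
                // Older Xalan factories reject unknown attribute names; nothing
                // more can be done here, which is why the version check matters.
            }
        }
        return tf;
    }
}
```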
Affected products (CPE):

Name | Operator | Version
---|---|---
ibm security qradar siem | eq | 7.1
ibm security qradar siem | eq | 7.2