Instances of Cross-Site Request Forgery have been found in IBM QRadar SIEM.
CVE-ID: CVE-2016-2878 **
Description:IBM QRadar is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. **
CVSS Base Score: 4.3**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/112851 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
ยท IBM QRadar 7.2.n
ยท IBM QRadar 7.1.n
ยท QRadar / QRM / QVM / QRIF 7.2.7
ยท IBM QRadar SIEM 7.1 MR2 Patch 13
None