4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
Open source Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_deflate module as used in IBM QRadar 7.1 MR2 and IBM QRadar 7.2.3
CVE-ID:CVE-2014-0118
DESCRIPTION:Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_deflate module. By sending specially-crafted requests, an attacker could exploit this vulnerability to exhaust all available CPU and memory resources.
CVSS Base Score: 5.0
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/94675 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The recommended solution is to apply the fix for each named product as soon as practical. Please see below for information about the fixes available.
Product | Remediation/First Fix |
---|---|
QRadar 7.1 MR2 | QRadar 7.1 MR2 Patch 8 |
QRadar 7.2.3 | QRadar 7.2.3 Patch 4 |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security qradar siem | eq | 7.1 | |
ibm security qradar siem | eq | 7.2 |