IBMAB3DAD106D99F8C869CED887AF75919567F729422A0DB3FCFE79E4481FCE7B92Security Bulletin: PostgreSQL 9.2.8 as used in IBM QRadar SIEM 7.2.4 and IBM QRadar SIEM 7.1 MR2 is vulnerable to allow a remote authenticated attacker to obtain sensitive information. (CVE-2014-8161, CVE-2015-0241, CVE-2015-0243, CVE-2015-0244)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Summary
Multiple security vulnerabilities have been discovered in the PostgreSQL component bundled with IBM QRadar version 7.1.x and 7.2.x.
Vulnerability Details
CVE-ID:CVE-2014-8161
Description: PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a constraint violation error. An attacker could exploit this vulnerability to obtain restricted data.
**CVSS Base Score:**4.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/100781 for the current score. **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:L/Au:S/C:P/I:N/A:N
CVE-ID:CVE-2015-0241
Description: PostgreSQL is vulnerable to a buffer overflow, caused by improper bounds checking by the to_char function. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
**CVSS Base Score:**6.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/100777 for the current score. **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:S/C:P/I:P/A:P
CVE-ID:CVE-2015-0243
Description: PostgreSQL is vulnerable to a stack buffer overflow, caused by improper bounds checking by the pgcrypto extension. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
**CVSS Base Score:**6.0 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/100779 for the current score. **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:S/C:P/I:P/A:P
CVE-ID:CVE-2015-0244
Description: PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by an error in extended protocol message reading. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions.
**CVSS Base Score:**3.5 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/100780 for the current score. **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:S/C:N/I:P/A:N
Affected Products and Versions
· IBM QRadar Security Information and Event Manager 7.2.x.
· IBM QRadar Security Information and Event Manager 7.1.x…
Remediation/Fixes
· IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 3
· IBM QRadar Security Information and Event Manager 7.1 MR2 Patch 11
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security qradar siem | eq | 7.1 | |
| ibm security qradar siem | eq | 7.2 |
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P