CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
9.0%
IBM QRadar Wincollect agent is vulnerable to server side request forgery. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVE.
CVEID:CVE-2022-43880
**DESCRIPTION:**IBM QRadar WinCollect Agent could allow a privileged user to cause a denial of service.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/240151 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
QRadar WinCollect Agent | 10.0 - 10.1.2 |
IBM recommends customers upgrade their systems promptly.
There is a new upgrade for the WinCollect standalone agent. The following WinCollect standalone agent versions can be used to upgrade the affected versions to resolve the vulnerability. For information on how to upgrade your WinCollect version, see the WinCollect 10.1.3 release notes: <https://www.ibm.com/support/pages/node/6958514>
Download and install the WinCollect standalone agent version 10.1.3 for your version of QRadar:
QRadar Version | WinCollect Standalone Agent 10.1.3 Versions |
---|---|
7.5 |
WinCollect Agent MSI (64-bit) - Standalone only
WinCollect Agent MSI (32-bit) - Standalone only
7.4|
WinCollect Agent MSI (64-bit) - Standalone only
WinCollect Agent MSI (32-bit) - Standalone only
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | qradar_network_security | 10 | cpe:2.3:a:ibm:qradar_network_security:10:*:*:*:*:*:*:* |
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
9.0%