IBM QRadar SIEM, and Incident Forensics may pass unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. This could allow attackers to execute arbitrary commands on the system. IBM has addressed this issue.
CVEID: CVE-2016-9726**
DESCRIPTION:** IBM QRadar Incident Forensics could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119755> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2016-9727**
DESCRIPTION:** IBM QRadar could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base Score: 8.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119756> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
ā¢ IBM QRadar SIEM 7.2.n
ā¢ IBM QRadar Incident Forensics 7.2.n
ā¢ IBM QRadar/QRM/QVM/QRIF 7.2.8 Patch 4
None