IBMEFEA2B3E28119C981962960AD578CD2E1E6162CA5031FECACFAD5332B90EE9ACSecurity Bulletin: IBM QRadar SIEM is vulnerable to incorrect permission assignment. (CVE-2016-9722)
0.001 Low
EPSS
Percentile
30.6%
Summary
The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Vulnerability Details
CVE-ID: CVE-2016-9722 **
Description:IBM QRadar specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CVSS Base Score:** 4.20**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/119737 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products and Versions
ยท IBM QRadar 7.3 to 7.3.0 Patch 6
ยท IBM QRadar 7.2 to 7.2.8 Patch 10
Remediation/Fixes
ยท IBM QRadar/QRM/QVM/QRIF/QNI 7.3.1 GA
ยท IBM QRadar/QRM/QVM/QRIF/QNI 7.3.0 Patch 7
ยท IBM QRadar SIEM 7.2.8 Patch 11
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security qradar siem | eq | 7.3 | |
| ibm security qradar siem | eq | 7.2 |
Related
0.001 Low
EPSS
Percentile
30.6%