Lucene search

K
ibmIBMF41E381C2C2A8FD114883FDF51C862AB5BA9B297F3FB4869A8C17AAC7C22E525
HistoryMar 27, 2020 - 8:10 a.m.

Security Bulletin: IBM QRadar Network Security is affected by a tcpdump vulnerability (CVE-2018-19519)

2020-03-2708:10:29
www.ibm.com
11

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Summary

IBM QRadar Network Security is affected by a tcpdump vulnerability

Vulnerability Details

CVEID:CVE-2018-19519
**DESCRIPTION:**Tcpdump is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the print_prefix function of print-hncp.c. By using a specially-crafted packet data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/153314 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Affected Products and Versions

IBM QRadar Network Security 5.4.0

IBM QRadar Network Security 5.5.0

Remediation/Fixes

Product |

VRMF

|

Remediation/First Fix

—|—|—

IBM QRadar Network Security

|

5.4.0

|

Install Firmware 5.4.0.10 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.
Or
Download Firmware 5.4.0.10 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.

IBM QRadar Network Security

|

5.5.0

|

Install Firmware 5.5.0.5 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.
Or
Download Firmware 5.5.0.5 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.

Workarounds and Mitigations

None

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N