Lucene search

[email protected]NVD:CVE-2015-4956

HistoryFeb 15, 2016 - 2:59 a.m.

CVE-2015-4956

2016-02-1502:59:02

CWE-78

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

7.3

Confidence

High

EPSS

0.011

Percentile

84.8%

JSON

The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors.

Affected configurations

Nvd

Node

ibmqradar_security_information_and_event_managerMatch7.1.0

VendorProductVersionCPE
ibmqradar_security_information_and_event_manager7.1.0cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	qradar_security_information_and_event_manager	7.1.0	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21967649

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

7.3

Confidence

High

EPSS

0.011

Percentile

84.8%

JSON

Related for NVD:CVE-2015-4956

cve1 ibm1 cvelist1 prion1