Design/Logic Flaw

2016-11-3018:59:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.

CPENameOperatorVersion
qradar_security_information_and_event_managereq7.2.0
qradar_security_information_and_event_managereq7.2.4
qradar_security_information_and_event_managereq7.2.6
qradar_security_information_and_event_managereq7.2.1
qradar_security_information_and_event_managereq7.2.5
qradar_security_information_and_event_managerle7.1.0
qradar_security_information_and_event_managereq7.2.2
qradar_security_information_and_event_managereq7.2.3

Name	Operator	Version
qradar_security_information_and_event_manager	eq	7.2.0
qradar_security_information_and_event_manager	eq	7.2.4
qradar_security_information_and_event_manager	eq	7.2.6
qradar_security_information_and_event_manager	eq	7.2.1
qradar_security_information_and_event_manager	eq	7.2.5
qradar_security_information_and_event_manager	le	7.1.0
qradar_security_information_and_event_manager	eq	7.2.2
qradar_security_information_and_event_manager	eq	7.2.3