Design/Logic Flaw

2016-11-3020:59:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.3%

JSON

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 before 7.2.7 allow remote attackers to bypass intended access restrictions via modified request parameters.

CPENameOperatorVersion
qradar_security_information_and_event_managereq7.2.0
qradar_security_information_and_event_managereq7.2.4
qradar_security_information_and_event_managereq7.2.6
qradar_security_information_and_event_managereq7.2.1
qradar_security_information_and_event_managereq7.2.5
qradar_security_information_and_event_managerle7.1.0
qradar_security_information_and_event_managereq7.2.2
qradar_security_information_and_event_managereq7.2.3

Name	Operator	Version
qradar_security_information_and_event_manager	eq	7.2.0
qradar_security_information_and_event_manager	eq	7.2.4
qradar_security_information_and_event_manager	eq	7.2.6
qradar_security_information_and_event_manager	eq	7.2.1
qradar_security_information_and_event_manager	eq	7.2.5
qradar_security_information_and_event_manager	le	7.1.0
qradar_security_information_and_event_manager	eq	7.2.2
qradar_security_information_and_event_manager	eq	7.2.3

References

www-01.ibm.com/support/docview.wss?uid=swg21987777