Xxe

2020-06-0414:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.3%

JSON

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182364.

CPENameOperatorVersion
qradar_security_information_and_event_managereq7.3.0
qradar_security_information_and_event_managereq7.4.0

CPE	Name	Operator	Version
	qradar_security_information_and_event_manager	eq	7.3.0
	qradar_security_information_and_event_manager	eq	7.4.0

References

exchange.xforce.ibmcloud.com/vulnerabilities/182364

www.ibm.com/support/pages/node/6220154