Xxe

2020-07-1413:15:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.6%

JSON

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182365.

CPENameOperatorVersion
qradar_security_information_and_event_managerge7.3.0
qradar_security_information_and_event_managerle7.3.2
qradar_security_information_and_event_managereq7.3.3 p1
qradar_security_information_and_event_managereq7.3.3
qradar_security_information_and_event_managereq7.3.3 p2
qradar_security_information_and_event_managereq7.4.0 p1
qradar_security_information_and_event_managereq7.4.0 p2
qradar_security_information_and_event_managereq7.3.3 p3
qradar_security_information_and_event_managereq7.4.0

Name	Operator	Version
qradar_security_information_and_event_manager	ge	7.3.0
qradar_security_information_and_event_manager	le	7.3.2
qradar_security_information_and_event_manager	eq	7.3.3 p1
qradar_security_information_and_event_manager	eq	7.3.3
qradar_security_information_and_event_manager	eq	7.3.3 p2
qradar_security_information_and_event_manager	eq	7.4.0 p1
qradar_security_information_and_event_manager	eq	7.4.0 p2
qradar_security_information_and_event_manager	eq	7.3.3 p3
qradar_security_information_and_event_manager	eq	7.4.0