IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing “dot dot” sequences (/…/) to view arbitrary files on the system. IBM X-Force ID: 260575.
CPE | Name | Operator | Version |
---|---|---|---|
soar_qradar_plugin_app | ge | 1.0 | |
soar_qradar_plugin_app | lt | 5.0.3 |