Security Bulletin: IBM QRadar SIEM contains unnecessary privilege usage. (CVE-2016-2876)

Summary Multiple processes run by IBM QRadar SIEM use higher than necessary privileges, which can be abused due to other shell command injection vulnerabilities. Vulnerability Details CVE-ID: CVE-2016-2876 Description: IBM QRadar could allow an authenticated user to inject operating system comman...

CVE-2016-2876

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue...

CVE-2016-2876

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue...

CVE-2016-2876

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue...

CVE-2016-2876

IBM QRadar SIEM is affected by CVE-2016-2876, where an authenticated user can inject OS commands that execute with root privileges due to privilege elevation in certain processes. Affected versions include QRadar 7.1 before MR2 Patch 13 and 7.2 before 7.2.7. The root-cause involves commands being...