Lucene search
K

6 matches found

Prion
Prion
added 2021/12/01 5:15 p.m.15 views

Server side request forgery (ssrf)

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. This vulnerability is due to an incomplete fix for...

4CVSS4.5AI score0.00541EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2021/07/08 12:0 a.m.109 views

IBM QRadar SIEM 服务器端请求伪造 SSRF(CVE-2020-4786)

...

4CVSS2.3AI score0.00541EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/28 7:19 a.m.22 views

Security Bulletin: IBM QRadar SIEM is vulnerable to Server Side Request Forgery (SSRF) (CVE-2020-4786)

Summary IBM QRadar SIEM is vulnerable to Server Side Request Forgery Vulnerability Details CVEID: CVE-2020-4786 DESCRIPTION: IBM QRadar Network Security is vulnerable to server side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system,...

5.4CVSS0.9AI score0.00541EPSS
Exploits1Affected Software1
Circl
Circl
added 2021/01/27 8:37 p.m.8 views

CVE-2020-4786

creationtimestamp| type| source ---|---|--- 2021-01-27 20:37:34+00:00| seen| https://t.me/cibsecurity/22738 2021-07-07 14:28:57+00:00| published-proof-of-concept| https://t.me/ptswarm/51 2021-12-01 20:35:33+00:00| seen| https://t.me/cibsecurity/33217...

5.4CVSS4.9AI score0.00541EPSS
Exploits1References3
NVD
NVD
added 2021/01/27 5:15 p.m.20 views

CVE-2020-4786

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other...

5.4CVSS4.5AI score0.00541EPSS
Exploits1References2
CVE
CVE
added 2021/01/27 4:35 p.m.62 views

CVE-2020-4786

IBM QRadar SIEM is affected by SSRF in the same lineage as CVE-2020-4786. Affected versions include 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5. The root cause is an incomplete fix for CVE-2020-4786, enabling an authenticated attacker to send unauthorized request...

5.4CVSS4.3AI score0.00541EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder