Lucene search
K

133 matches found

Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.5 views

PT-2023-7274 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.7 Description: The issue is related to a lack of proper output encoding or escaping in the IBM QRadar WinCollect Agent, which could allow an attacker to gain unauthorized access to...

7.8CVSS7.3AI score0.00217EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/11/23 12:0 a.m.5 views

IBM QRadar WinCollect Agent 安全漏洞

IBM QRadar WinCollect Agent is an agent program from International Business Machines IBM for collecting and sending Windows event logs. A code issue vulnerability exists in IBM QRadar WinCollect Agent versions 10.0 through 10.1.7 that stems from improper coding. An attacker could exploit the...

7.8CVSS6.9AI score0.00217EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/22 3:32 p.m.51 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of...

7.8CVSS7.5AI score0.62246EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.5 views

PT-2023-7196 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.7 Description: The issue is related to insufficient protection of service data, which could allow a privileged user to obtain sensitive information due to missing best practices. This cou...

4.9CVSS5AI score0.00595EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/09/12 12:0 a.m.5 views

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to deficiencies in access control. Exploiting this vulnerability can allow attackers operating remotely to enhance their privileges...

7.6CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/09/08 7:15 p.m.2 views

CVE-2023-38736

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542...

7.8CVSS5.8AI score0.00391EPSS
Exploits0References2
NVD
NVD
added 2023/09/08 7:15 p.m.23 views

CVE-2023-38736

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542...

7.8CVSS7.7AI score0.00391EPSS
Exploits0References2
Prion
Prion
added 2023/09/08 7:15 p.m.19 views

Privilege escalation

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542...

4.3CVSS7.7AI score0.00391EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/08 6:49 p.m.16 views

CVE-2023-38736 IBM QRadar WinCollect Agent privilege escalation

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542...

7.5CVSS6.9AI score0.00391EPSS
Exploits0References2
CVE
CVE
added 2023/09/08 6:49 p.m.60 views

CVE-2023-38736

Consolidated details from IBM and security trackers confirm CVE-2023-38736 affects IBM QRadar WinCollect Agent versions 10.0–10.1.6 when installed to run as ADMIN or SYSTEM. The vulnerability enables local privilege escalation from a non-privileged user to SYSTEM permissions. Remediation in the p...

7.8CVSS7.7AI score0.00391EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/08 6:49 p.m.32 views

CVE-2023-38736 IBM QRadar WinCollect Agent privilege escalation

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542...

7.5CVSS7.8AI score0.00391EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/08 12:0 a.m.5 views

IBM QRadar WinCollect Agent Security Vulnerability

IBM QRadar WinCollect Agent is an agent program from International Business Machines IBM that collects and sends Windows event logs. A security vulnerability exists in IBM QRadar WinCollect Agent versions 10.0 through 10.1.6, which stems from vulnerability to a local privilege escalation attack. ...

7.8CVSS6.8AI score0.00391EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/06 10:47 p.m.87 views

Security Bulletin: IBM QRadar WinCollect Agent is vulnerable to a local escalation of privilege attack in some configurations (CVE-2023-38736)

Summary IBM QRadar WinCollect Agent when installed to run as Admin or System, or with Admin or System privileges, is vulnerable to a local escalation of privilege attack that a non-privileged user could utilize to gain System permissions. IBM has addressed the relevant vulnerability. Vulnerabilit...

7.8CVSS7.8AI score0.00391EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/25 12:0 a.m.7 views

PT-2023-4945 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.6 Description: The issue is related to insufficient access control in the IBM QRadar WinCollect Agent, which can be exploited by a remote attacker to elevate their privileges. A normal us...

7.8CVSS7.8AI score0.00391EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:54 p.m.89 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities Vulnerability Details CVEID:CVE-2023-28319 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a use-after-free...

7.5CVSS7.4AI score0.03658EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 9:14 p.m.70 views

Security Bulletin: cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities

Summary cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities. IBM has addressed the relevant vulnerabilities. Vulnerability Details CVEID:CVE-2023-27533 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a TELNET option IAC...

8.8CVSS8.2AI score0.02195EPSS
Exploits6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.6 views

The vulnerability of the IBM QRadar WinCollect Agent’s event forwarding mechanism, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.2CVSS7.2AI score0.00203EPSS
Exploits0References4Affected Software1
NCSC
NCSC
added 2023/06/01 12:0 a.m.16 views

Vulnerabilities fixed in IBM QRadar Wincollect Agent

IBM has fixed vulnerabilities in the Wincollect Agent of QRadar. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute code with permissions from the underlying system. IBM has released updates to fix the...

8.2CVSS7.3AI score0.00203EPSS
Exploits0
NVD
NVD
added 2023/05/31 8:15 p.m.12 views

CVE-2023-26278

IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158...

8.2CVSS7.9AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 2023/05/31 8:15 p.m.2 views

CVE-2023-26278

IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158...

7.8CVSS7.1AI score0.00203EPSS
Exploits0References2
Rows per page
Query Builder