2 matches found
Security Bulletin: IBM QRadar SIEM can be affected by a command injection vulnerability (CVE-2013-2970)
Abstract A vulnerability has been discovered within the IBM QRadar Security Information and Event Manager SIEM software that allows an authenticated user to execute limited operating system commands on the QRadar device and gain limited remote shell access. Content VULNERABILITY DETAILS:...
CVE-2013-2970
CVE-2013-2970 affects IBM QRadar SIEM (7.0 and 7.1) and is a command-injection flaw exploitable by an authenticated user to run OS commands, potentially gaining remote shell access. The issue originates from a vulnerability allowing limited command execution by a webservices user. Remediation pro...