2 matches found
CVE-2015-2009
Cross-site request forgery CSRF vulnerability in the xmlrpc.cgi service in IBM QRadar SIEM 7.1 before MR2 Patch 11 Interim Fix 02 and 7.2.x before 7.2.5 Patch 4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences via vectors related to...
CVE-2015-2009
CVE-2015-2009 concerns IBM QRadar SIEM: a CSRF in the xmlrpc.cgi service allows an attacker to hijack user authentication for requests that insert XSS sequences. Affected: QRadar 7.1 before MR2 Patch 11 Interim Fix 02 and 7.2.x before 7.2.5 Patch 4. Impact described as authentication hijack via C...