2 matches found
Security Bulletin: IBM QRadar SIEM is vulnerable to SQL Injection. (CVE-2017-1722)
Summary QRadar used an insecure method for generating SQL query and as such was vulnerable to SQL injection where an attacker injects arbitrary SQL into database queries in order to retrieve information from the database. Vulnerability Details CVEID: CVE-2017-1722 DESCRIPTION: IBM QRadar is...
CVE-2017-1722
IBM QRadar SIEM is vulnerable to SQL injection (CVE-2017-1722) due to an insecure method generating SQL queries. Affected products include QRadar SIEM 7.3.0 (7.3.0 Patch 7) and 7.2.x releases (7.2.0 to 7.2.8 Patch 11). The underlying issue allows a remote attacker to send specially crafted SQL st...