2 matches found
CVE-2018-1649
IBM QRadar Incident Forensics is affected by CVE-2018-1649, a path traversal vulnerability in file path processing during download/upload. The issue arises from unsafe handling of path components, allowing a remote attacker to use a crafted URL containing dot-dot sequences ("/../") to view arbitr...
Security Bulletin: IBM QRadar Incident Forensics is vulnerable to Path Traversal (CVE-2018-1649)
Summary The product processes file paths in a download or upload functionality unsafely. This allows access to arbitrary files on the system. Vulnerability Details CVEID: CVE-2018-1649 Description: IBM QRadar Incident Forensics could allow a remote attacker to traverse directories on the system. ...