2 matches found
Security Bulletin: IBM QRadar Wincollect is vulnerable to improper access control (CVE-2020-4485, CVE-2020-4486)
Summary IBM QRadar Wincollect agents could allow authenticated users to bypass restrictions to delete arbitrary files or disable the Wincollect service. Vulnerability Details CVEID: CVE-2020-4485 DESCRIPTION: IBM QRadar could allow an authenticated user to disable the Wincollect service which cou...
CVE-2020-4486
CVE-2020-4486 affects IBM QRadar Wincollect 7.2.0–7.2.9, where an authenticated user could overwrite or delete arbitrary files due to a flaw introduced after WinCollect installation. IBM’s bulletin confirms the issue and lists affected versions, with a high impact (I/H, A/H) and network attack su...