Security Bulletin: Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure (CVE-2019-12415, CVE-2017-12626)

Summary Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure Vulnerability Details CVEID: CVE-2019-12415 DESCRIPTION: Apache POI could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by tool...

CVE-2015-2016

Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unknown vectors...