Описание
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.
Уязвимые конфигурации
Конфигурация 1Версия до 7.1.0 (включая)
Одно из
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:mr1:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01257
Низкий
7.5 High
CVSS3
8.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.
EPSS
Процентиль: 79%
0.01257
Низкий
7.5 High
CVSS3
8.5 High
CVSS2
Дефекты
CWE-78