CVE-2016-9722

Опубликовано: 10 янв. 2018

Источник: nvd

CVSS3: 4.2

CVSS2: 4.9

EPSS Средний

Описание

IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 119737.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22012293
Broken Link
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/119737
VDB Entry
Vendor Advisory
https://www.exploit-db.com/exploits/45005/
Exploit
Third Party Advisory
VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg22012293
Broken Link
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/119737
VDB Entry
Vendor Advisory
https://www.exploit-db.com/exploits/45005/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.31976

Средний

4.2 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-p7h8-p48v-gf6r