CVE-2016-9738

Опубликовано: 27 июн. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 119783.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22004926
Patch
Vendor Advisory
http://www.securityfocus.com/bid/99266
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/119783
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22004926
Patch
Vendor Advisory
http://www.securityfocus.com/bid/99266
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/119783
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.0:p1:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00296

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-254

Связанные уязвимости

GHSA-jw5r-h8gx-vxc9