Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM1A226F41CCEE49F182D2CE6E2913B939C921267EC05F27A8773B9DAF87654A6F
HistoryJul 27, 2021 - 4:25 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities

2021-07-2716:25:09
www.ibm.com
33

0.062 Low

EPSS

Percentile

93.6%

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

Vulnerability Details

CVEID:CVE-2020-13949
**DESCRIPTION:**Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploit this vulnerability to cause a large memory allocation.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196738 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-25649
**DESCRIPTION:**FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192648 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2021-25329
**DESCRIPTION:**Apache Tomcat could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw with a configuration edge case. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197519 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-25122
**DESCRIPTION:**Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when responding to new h2c connection requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to see the request body information from one request to another, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197517 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2020-17527
**DESCRIPTION:**Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an issue when the HTTP request header value can be reused from the previous stream received on an HTTP/2 connection. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192612 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8

IBM QRadar SIEM 7.4.0 to 7.4.3 GA

Remediation/Fixes

QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 9

QRadar / QRM / QVM / QRIF / QNI 7.4.3 Patch 1

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm qradar siemeq7.3
ibm qradar siemeq7.4

Related

nessus 30
atlassian 11
photon 7
kaspersky 2
debian 5
ibm 22
osv 13
openvas 26
tomcat 3
suse 3
redos 6
mageia 3
ubuntu 1
redhat 9
github 4
prion 4
nvd 4
symantec 1
cvelist 4
amazon 2
ubuntucve 4
gitlab 1
cgr 4
cve 4
redhatcve 4
debiancve 4
archlinux 3
veracode 4
alpinelinux 1
wolfi 2
cisa 2
f5 2
gentoo 1
cbl_mariner 2
fedora 1
nessus
nessus
Photon OS 4.0: Apache PHSA-2021-4.0-0007
2021-04-07 00:00:00
Photon OS 3.0: Apache PHSA-2021-3.0-0208
2021-03-22 00:00:00
Photon OS 2.0: Apache PHSA-2021-2.0-0328
2021-03-16 00:00:00
atlassian
atlassian
8.5 and 8.13 LTS releases should bundle Tomcat 8.5.63 or higher
2021-04-12 15:50:10
Tomcat PersistenceManager vulnerabilities - CVE-2021-25329 and CVE-2021-25122
2021-03-11 19:39:59
Jira Server and Data Center affected by Tomcat CVE-2021-25329 and CVE-2021-25122
2021-04-22 21:11:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0208
2021-03-17 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0372
2021-03-18 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0208
2021-03-16 00:00:00
kaspersky
kaspersky
KLA12104 Multiple vulnerabilities in Apache Tomcat
2021-02-02 00:00:00
KLA12105 ACE vulnerability in Apache Tomcat
2021-02-05 00:00:00
debian
debian
[SECURITY] [DSA 4891-1] tomcat9 security update
2021-04-13 20:47:05
[SECURITY] [DLA 2495-1] tomcat8 security update
2020-12-16 17:28:07
[SECURITY] [DLA 2406-1] jackson-databind security update
2020-10-14 10:31:09
ibm
ibm
Security Bulletin: IBM UrbanCode Release is affected by CVE-2021-25122 and CVE-2021-25329
2022-01-25 07:54:02
Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2021-25122, CVE-2021-25329)
2021-04-13 10:45:28
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-25122 and CVE-2021-25329
2022-02-09 16:30:32
osv
osv
tomcat9 - security update
2021-04-13 00:00:00
tomcat8 - security update
2021-03-15 00:00:00
Uncontrolled Resource Consumption in Apache Thrift
2021-03-12 21:33:55
openvas
openvas
Debian: Security Advisory (DSA-4891-1)
2021-04-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0988-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1008-1)
2021-06-09 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 10.0.2
2021-02-02 00:00:00
Fixed in Apache Tomcat 8.5.63
2021-02-02 00:00:00
Fixed in Apache Tomcat 9.0.43
2021-02-02 00:00:00
suse
suse
Security update for tomcat (important)
2021-04-02 00:00:00
Security update for tomcat (moderate)
2021-01-16 00:00:00
Security update for tomcat (moderate)
2021-01-11 00:00:00
redos
redos
ROS-2-588
2021-09-08 00:00:00
ROS-2-622
2021-09-08 00:00:00
ROS-2-811
2021-09-08 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2021-07-20 13:46:47
Updated tomcat packages fix security vulnerability
2021-01-10 22:46:12
Updated thrift/golang-github-apache-thrift packages fix security vulnerability
2021-12-24 00:01:45
ubuntu
ubuntu
Tomcat vulnerabilities
2022-03-31 00:00:00
redhat
redhat
(RHSA-2021:2562) Moderate: Red Hat JBoss Web Server 5.5.0 security release
2021-06-29 08:35:57
(RHSA-2021:2561) Moderate: Red Hat JBoss Web Server 5.5.0 Security release
2021-06-29 08:34:12
(RHSA-2021:1260) Low: Red Hat AMQ Streams 1.7.0 release and security update
2021-04-19 17:59:54
github
github
Uncontrolled Resource Consumption in Apache Thrift
2021-03-12 21:33:55
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-02-09 22:58:06
XML External Entity (XXE) Injection in Jackson Databind
2021-02-18 20:51:54
prion
prion
Design/Logic Flaw
2021-02-12 20:15:00
Cross site request forgery (csrf)
2021-03-01 12:15:00
Cross site request forgery (csrf)
2020-12-03 19:15:00
nvd
nvd
CVE-2020-13949
2021-02-12 20:15:13
CVE-2020-17527
2020-12-03 19:15:12
CVE-2021-25122
2021-03-01 12:15:13
symantec
symantec
Apache Tomcat Vulnerabilities May 2020 - Mar 2021
2021-03-16 19:59:07
cvelist
cvelist
CVE-2020-17527 Apache Tomcat: Request header mix-up between HTTP/2 streams
2020-12-03 18:30:14
CVE-2020-13949
2021-02-12 19:39:09
CVE-2020-25649
2020-12-03 16:16:50
amazon
amazon
Medium: tomcat8
2020-12-16 20:52:00
Medium: tomcat8
2021-01-12 22:52:00
ubuntucve
ubuntucve
CVE-2020-17527
2020-12-03 00:00:00
CVE-2020-13949
2021-02-12 00:00:00
CVE-2021-25122
2021-03-01 00:00:00
gitlab
gitlab
Uncontrolled Resource Consumption
2021-02-12 00:00:00
cgr
cgr
CVE-2020-13949 vulnerabilities
2024-05-19 03:07:16
CVE-2021-25329 vulnerabilities
2024-05-19 03:07:16
CVE-2020-25649 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2020-13949
2021-02-12 20:15:13
CVE-2021-25122
2021-03-01 12:15:13
CVE-2020-25649
2020-12-03 17:15:12
redhatcve
redhatcve
CVE-2020-13949
2021-02-12 15:32:00
CVE-2020-17527
2020-12-03 21:23:17
CVE-2021-25122
2021-03-02 10:32:54
debiancve
debiancve
CVE-2020-13949
2021-02-12 20:15:13
CVE-2020-17527
2020-12-03 19:15:12
CVE-2020-25649
2020-12-03 17:15:12
archlinux
archlinux
[ASA-202102-43] thrift: denial of service
2021-02-27 00:00:00
[ASA-202012-3] tomcat9: information disclosure
2020-12-05 00:00:00
[ASA-202012-4] tomcat8: information disclosure
2020-12-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-03-26 06:02:12
Denial Of Service (DoS)
2020-12-04 02:58:16
XML External Entity (XXE)
2020-10-15 05:10:32
alpinelinux
alpinelinux
CVE-2020-13949
2021-02-12 20:15:13
wolfi
wolfi
CVE-2020-13949 vulnerabilities
2024-07-03 09:08:38
CVE-2020-25649 vulnerabilities
2024-05-29 03:07:31
cisa
cisa
Apache Releases Security Advisory for Apache Tomcat
2020-12-04 00:00:00
Apache Releases Security Advisory for Tomcat
2021-03-02 00:00:00
f5
f5
K00174195 : Apache Tomcat vulnerability CVE-2021-25122
2021-03-16 00:00:00
K44415301 : Apache Tomcat vulnerability CVE-2020-17527
2020-12-31 00:00:00
gentoo
gentoo
Apache Tomcat: Information disclosure
2020-12-24 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
2024-07-03 03:08:37
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
2024-07-03 03:08:37
fedora
fedora
[SECURITY] Fedora 32 Update: jackson-databind-2.10.5.1-1.fc32
2021-02-10 01:30:26

0.062 Low

EPSS

Percentile

93.6%

JSON
Related for 1A226F41CCEE49F182D2CE6E2913B939C921267EC05F27A8773B9DAF87654A6F
nessus30atlassian11photon7kaspersky2debian5ibm22osv13openvas26tomcat3suse3redos6mageia3ubuntu1redhat9github4prion4nvd4symantec1cvelist4amazon2ubuntucve4gitlab1cgr4cve4redhatcve4debiancve4archlinux3veracode4alpinelinux1wolfi2cisa2f52gentoo1cbl_mariner2fedora1