Lucene search
IBM48ECD4B79A31D1282D9409AA2C4FCB73AA0145753D94307F2126BB4CD877F692HistoryJun 16, 2018 - 9:31 p.m.
Security Bulletin: IBM QRadar Incident Forensics is vulnerable to SQL Injection. (CVE-2015-1989)
2018-06-1621:31:53
www.ibm.com
6
EPSS
0.001
Percentile
42.5%
Summary
IBM QRadar Incident Forensics is susceptible to a specially-crafted SQL statement attack.
Vulnerability Details
CVE-ID: CVE-2015-1989
Description: IBM QRadar Incident Forensics is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Base Score: 6.5 **CVSS Temporal Score:**See https://exchange.xforce.ibmcloud.com/vulnerabilities/103828 for the current score **CVSS Environmental Score:***Undefined CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Affected Products and Versions
ยท IBM QRadar Incident Forensics 7.2.n
Remediation/Fixes
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 5
Workarounds and Mitigations
None
Related
cvelist
cvelist
CVE-2015-1989
2015-11-08 22:00:00
nvd
nvd
CVE-2015-1989
2015-11-08 22:59:00
cve
cve
CVE-2015-1989
2015-11-08 22:59:00
prion
prion
Sql injection
2015-11-08 22:59:00
EPSS
0.001
Percentile
42.5%
Related for 48ECD4B79A31D1282D9409AA2C4FCB73AA0145753D94307F2126BB4CD877F692