Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM5A2C07F0662FADD1A4157251443DE5414386150F916451BE5B6A30D27F6890A4
HistoryNov 16, 2023 - 6:47 p.m.

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

2023-11-1618:47:38
www.ibm.com
33
ibm qradar siem
libssh2
amd ryzen
gen amd epyc processors
linux kernel
apache batik
vulnerability
denial of service
cross site scripting
authenticated attacker
sensitive information
ssrf attack
remote attacker
security restriction

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Summary

IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Additionally, a cross site scripting issue was found. These have been addressed in the update.

Vulnerability Details

CVEID:CVE-2020-22218
**DESCRIPTION:**libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read in the _libssh2_packet_add function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/266252 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-20593
**DESCRIPTION:**AMD Ryzen, Gen AMD EPYC Processors could allow a local authenticated attacker to obtain sensitive information, caused by a use-after-free flaw in the vzeroupper instruction. By conducting a cache timing attack using a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive data used by other processes, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/261343 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:CVE-2023-35788
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an off-by-one flaw in the fl_set_geneve_opt fucntion. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/257458 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-44730
**DESCRIPTION:**Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a victim to open specially crafted SVG file, an attacker could exploit this vulnerability to conduct SSRF attack to probe user profile/data and send it directly as parameter to a URL.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264130 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-44729
**DESCRIPTION:**Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a victim to open specially crafted SVG file, an attacker could exploit this vulnerability to conduct SSRF attack to cause resource consumption and obtain sensitive information.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264129 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)

CVEID:CVE-2023-20900
**DESCRIPTION:**VMware Tools could allow a remote attacker to bypass security restrictions, caused by improper SAML token signature verification. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to perform VMware Tools Guest Operations
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264792 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-3341
**DESCRIPTION:**ISC BIND is vulnerable to a denial of service, caused by a stack exhaustion flaw in control channel code. By sending a specially crafted message over the control channel, a remote attacker could exploit this vulnerability to cause named to terminate.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/266515 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-3899
**DESCRIPTION:**Red Hat Enterprise Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper authorization by the subscription-manager. By sending a specially crafted request through D-Bus interface com.redhat.RHSM1, an authenticated attacker could exploit this vulnerability to gain elevated privileges to an unconfined root.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264328 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-43057
**DESCRIPTION:**IBM QRadar SIEM is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/267484 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM QRadar SIEM 7.5 - 7.5.0 UP7

Remediation/Fixes

IBM strongly encourages customers to update their systems promptly.

Product Version Remediation/First Fix
IBM QRadar SIEM 7.5.0 7.5.0 UP7 IF02

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmibm_qradar_siemMatch7.5.0
CPENameOperatorVersion
ibm security qradar siemeq7.5.0

Related

ibm 7
nessus 62
redhat 17
oraclelinux 5
openvas 20
prion 6
cve 6
osv 15
atlassian 1
cvelist 5
nvd 6
cnvd 1
centos 1
ubuntucve 4
veracode 4
debiancve 4
ubuntu 6
cloudlinux 1
rosalinux 2
redhatcve 4
github 2
alpinelinux 2
amazon 3
cbl_mariner 1
f5 1
rocky 3
redos 1
debian 2
almalinux 4
vmware 2
fedora 1
ibm
ibm
Security Bulletin: Multiple vulnerabilities found in Batik Jars which are shipped with IBM® Intelligent Operations Center(CVE-2022-44730, CVE-2022-44729)
2024-04-23 18:50:33
Security Bulletin: There is a vulnerability in batik-all-1.15.jar used by IBM Maximo Asset Management application (CVE-2022-44730 and CVE-2022-44729)
2024-01-15 19:30:58
Security Bulletin: Vulnerabilities in batik-all library affects IBM Engineering Test Management (ETM) (CVE-2022-44730, CVE-2022-44729)
2023-09-29 11:52:05
nessus
nessus
RHEL 8 : fop (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : kernel-rt (RHSA-2023:4821)
2023-08-29 00:00:00
CentOS 7 : kernel-rt (RHSA-2023:4821)
2024-01-09 00:00:00
redhat
redhat
(RHSA-2023:4819) Important: kernel security and bug fix update
2023-08-29 07:37:36
(RHSA-2023:4821) Important: kernel-rt security and bug fix update
2023-08-29 07:37:38
(RHSA-2023:5615) Moderate: libssh2 security update
2023-10-10 14:35:06
oraclelinux
oraclelinux
kernel security and bug fix update
2023-08-31 00:00:00
libssh2 security update
2023-10-10 00:00:00
open-vm-tools security update
2023-09-21 00:00:00
openvas
openvas
openSUSE: Security Advisory for xmlgraphics (SUSE-SU-2024:0808-1)
2024-03-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3555-1)
2023-09-11 00:00:00
CentOS: Security Advisory for libssh2 (CESA-2023:5615)
2024-03-05 00:00:00
prion
prion
Cross site scripting
2023-11-11 16:15:00
Design/Logic Flaw
2023-08-22 19:16:00
Server side request forgery (ssrf)
2023-08-22 19:16:00
cve
cve
CVE-2022-44730
2023-08-22 19:16:29
CVE-2023-43057
2023-11-11 16:15:31
CVE-2022-44729
2023-08-22 19:16:29
osv
osv
Apache Batik information disclosure vulnerability
2023-08-22 21:30:26
Apache XML Graphics Batik Server-Side Request Forgery vulnerability
2023-08-22 21:30:26
CVE-2020-22218
2023-08-22 19:16:19
atlassian
atlassian
SSRF org.apache.xmlgraphics:batik-bridge Dependency in Jira Service Management Data Center and Server
2023-12-13 07:45:23
cvelist
cvelist
CVE-2023-43057 IBM QRadar SIEM cross-site scripting
2023-11-11 15:31:11
CVE-2020-22218
2023-08-22 00:00:00
CVE-2022-44729 Apache XML Graphics Batik: Information disclosure vulnerability
2023-08-22 14:12:50
nvd
nvd
CVE-2023-43057
2023-11-11 16:15:31
CVE-2020-22218
2023-08-22 19:16:19
CVE-2022-44729
2023-08-22 19:16:29
cnvd
cnvd
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2024-01173)
2023-11-14 00:00:00
centos
centos
libssh2 security update
2024-01-12 19:24:28
ubuntucve
ubuntucve
CVE-2020-22218
2023-08-22 00:00:00
CVE-2022-44729
2023-08-22 00:00:00
CVE-2022-44730
2023-08-22 00:00:00
veracode
veracode
Server-Side Request Forgery (SSRF)
2023-08-24 05:40:22
Denial Of Service (DoS)
2023-08-24 11:06:00
Server-Side Request Forgery (SSRF)
2023-08-24 06:26:36
debiancve
debiancve
CVE-2022-44729
2023-08-22 19:16:29
CVE-2020-22218
2023-08-22 19:16:19
CVE-2022-44730
2023-08-22 19:16:29
ubuntu
ubuntu
libssh2 vulnerability
2023-09-14 00:00:00
Open VM Tools vulnerability
2023-09-13 00:00:00
Open VM Tools vulnerability
2023-09-25 00:00:00
cloudlinux
cloudlinux
libssh2: Fix of CVE-2020-22218
2023-09-27 17:23:47
rosalinux
rosalinux
Advisory ROSA-SA-2023-2278
2023-10-24 13:57:22
Advisory ROSA-SA-2023-2242
2023-10-10 09:32:53
redhatcve
redhatcve
CVE-2020-22218
2023-08-30 08:15:25
CVE-2022-44729
2023-08-24 17:15:24
CVE-2022-44730
2023-08-24 17:15:24
github
github
Apache XML Graphics Batik Server-Side Request Forgery vulnerability
2023-08-22 21:30:26
Apache Batik information disclosure vulnerability
2023-08-22 21:30:26
alpinelinux
alpinelinux
CVE-2020-22218
2023-08-22 19:16:00
CVE-2023-20900
2023-08-31 10:15:08
amazon
amazon
Important: libssh2
2023-09-13 23:15:00
Important: libssh2
2023-09-13 23:44:00
Important: open-vm-tools
2023-09-13 23:44:00
cbl_mariner
cbl_mariner
CVE-2020-22218 affecting package libssh2 for versions less than 1.9.0-3
2023-09-27 18:02:50
f5
f5
K000138219 : libssh2 vulnerability CVE-2020-22218
2024-01-13 00:00:00
rocky
rocky
open-vm-tools security update
2023-09-26 13:25:26
open-vm-tools security update
2023-09-26 13:26:44
subscription-manager security update
2023-08-24 04:21:33
redos
redos
ROS-20230914-07
2023-09-14 00:00:00
debian
debian
[SECURITY] [DLA 3597-1] open-vm-tools security update
2023-10-01 19:10:50
[SECURITY] [DLA 3619-1] batik security update
2023-10-14 22:16:33
almalinux
almalinux
Important: open-vm-tools security update
2023-09-20 00:00:00
Important: open-vm-tools security update
2023-09-20 00:00:00
Important: subscription-manager security update
2023-08-22 00:00:00
vmware
vmware
VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)
2023-08-31 00:00:00
VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)
2023-08-31 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: subscription-manager-1.29.37-1.fc38
2023-09-01 01:30:04

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON
Related for 5A2C07F0662FADD1A4157251443DE5414386150F916451BE5B6A30D27F6890A4
ibm7nessus62redhat17oraclelinux5openvas20prion6cve6osv15atlassian1cvelist5nvd6cnvd1centos1ubuntucve4veracode4debiancve4ubuntu6cloudlinux1rosalinux2redhatcve4github2alpinelinux2amazon3cbl_mariner1f51rocky3redos1debian2almalinux4vmware2fedora1