An IBM QRadar SIEM user with shell access could obtain the encryption key used to encrypt certain passwords.
CVEID: CVE-2016-2880**
DESCRIPTION:** IBM QRadar stores the encryption key used to encrypt the service account password which can be obtained by a local user.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112859> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
ยท IBM QRadar/QRM/QVM 7.2.8
ยท For IBM QRadar 7.1 IBM recommends upgrading to a fixed, supported version/release/platform of the product.
None