OpenSSH as used by IBM QRadar SIEM is vulnerable to information exposure
CVEID:CVE-2018-15473
**DESCRIPTION:**OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/148397 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
IBM QRadar SIEM 7.3.0 - 7.3.3 GA
QRadar / QRM / QVM / QRIF / QNI 7.3.2 Patch 6
QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 1
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security qradar siem | eq | 7.3 |