CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%
IBM QRadar WinCollect Agent is vulnerable to execution with unnecessary privileges. IBM has addressed the relevant vulnerability
CVEID:CVE-2023-26277
**DESCRIPTION:**IBM QRadar WinCollect Agent could allow a local user to execute commands on the system due to execution with unnecessary privileges.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248156 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
QRadar WinCollect Agent | 10.0 - 10.1.3 |
IBM recommends customers upgrade their systems promptly.
There is a new upgrade for the WinCollect standalone agent. The following WinCollect standalone agent versions can be used to upgrade the affected versions to resolve the vulnerability. For information on how to upgrade your WinCollect version, see the WinCollect 10.1.4 release notes: <https://www.ibm.com/support/pages/node/6987783>
Download and install the WinCollect standalone agent version 10.1.4 for your version of QRadar:
QRadar Version | WinCollect Standalone Agent 10.1.4 Versions |
---|---|
7.5 |
WinCollect Agent MSI (64-bit) - Standalone only
WinCollect Agent MSI (32-bit) - Standalone only
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | qradar_network_security | 10 | cpe:2.3:a:ibm:qradar_network_security:10:*:*:*:*:*:*:* |
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%