Open source Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_deflate module as used in IBM QRadar 7.1 MR2 and IBM QRadar 7.2.3
CVE-ID:CVE-2014-0118
DESCRIPTION:Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_deflate module. By sending specially-crafted requests, an attacker could exploit this vulnerability to exhaust all available CPU and memory resources.
CVSS Base Score: 5.0
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/94675 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The recommended solution is to apply the fix for each named product as soon as practical. Please see below for information about the fixes available.
Product | Remediation/First Fix |
---|---|
QRadar 7.1 MR2 | QRadar 7.1 MR2 Patch 8 |
QRadar 7.2.3 | QRadar 7.2.3 Patch 4 |
None