IBMCCD6C0E806460BE5FF74BAFE09BF1C098142009065FEC8E7B16615898F90EEFBSecurity Bulletin: IBM QRadar SIEM and QRadar Incident Forensics are vulnerable to OS command injection (CVE-2016-9726, CVE-2016-9727)
EPSS
Percentile
57.8%
Summary
IBM QRadar SIEM, and Incident Forensics may pass unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. This could allow attackers to execute arbitrary commands on the system. IBM has addressed this issue.
Vulnerability Details
CVEID: CVE-2016-9726**
DESCRIPTION:** IBM QRadar Incident Forensics could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119755> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2016-9727**
DESCRIPTION:** IBM QRadar could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base Score: 8.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119756> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
Affected Products and Versions
ā¢ IBM QRadar SIEM 7.2.n
ā¢ IBM QRadar Incident Forensics 7.2.n
Remediation/Fixes
ā¢ IBM QRadar/QRM/QVM/QRIF 7.2.8 Patch 4
Workarounds and Mitigations
None
Related
EPSS
Percentile
57.8%