May 15, 2024 - 8:38 a.m.

Security Bulletin: An IBM QRadar SIEM ArielRESTAPI protocol is vulnerable to Improper Validation (177835)

www.ibm.com

AI Score: 6.4 Medium (Confidence: High)

Summary

The Apache Commons Codec package contains simple encoders and decoders for various formats such as Base64 and Hexadecimal, and is vulnerable to improper validation of input.

Vulnerability Details

**IBM X-Force ID:** 177835
**DESCRIPTION:** Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

| Affected Product(s) | Version(s) |
|---|---|
| IBM QRadar SIEM | 7.5 - 7.5.0 UP8 |

Remediation/Fixes

| Product | Version | Fix |
|---|---|---|
| IBM QRadar SIEM | 7.5.0 | 7.5.0 QRadar Protocol ArielRESTAPI |

Workarounds and Mitigations

Please be aware that these updates are available via Auto Update if you have it enabled.

Affected configurations

Vulners
Node: ibm ibm_qradar_siem, Match 7.5

CPE:

| Name | Operator | Version |
|---|---|---|
| ibm security qradar siem | eq | 7.5 |
