IBMD1C7FE5258E6F4616C82B91D76746D0AA44CA56A4DB58A1BBF3D99986ECB832ASecurity Bulletin: IBM QRadar Incident Forensics, as used in IBM QRadar SIEM, is vulnerable to authenticated path traversal. (CVE-2017-1723)
EPSS
Percentile
43.8%
Summary
QRadar uses raw string concatenation to build paths from user input and as such is vulnerable to path traversal attacks where an attacker arbitrarily alters the path.
Vulnerability Details
CVEID: CVE-2017-1723**
DESCRIPTION:** IBM QRadar could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/…/) to view arbitrary files on the system.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134812> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
QRadar / QRIF / QNI 7.3.0 to 7.3.0 Patch 7
QRadar / QRIF / QNI 7.2.0 to 7.2.8 Patch 11
Remediation/Fixes
QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 3
QRadar / QRM / QVM / QRIF / QNI 7.2.8 Patch 12
Workarounds and Mitigations
None
Related
EPSS
Percentile
43.8%