Code injection

2020-04-1516:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.043 Low

EPSS

Percentile

92.3%

JSON

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898.

CPENameOperatorVersion
qradar_security_information_and_event_managerge7.3.0
qradar_security_information_and_event_managerlt7.3.3
qradar_security_information_and_event_managereq7.3.3
qradar_security_information_and_event_managereq7.3.3 p2
qradar_security_information_and_event_managereq7.3.3 p1

Name	Operator	Version
qradar_security_information_and_event_manager	ge	7.3.0
qradar_security_information_and_event_manager	lt	7.3.3
qradar_security_information_and_event_manager	eq	7.3.3
qradar_security_information_and_event_manager	eq	7.3.3 p2
qradar_security_information_and_event_manager	eq	7.3.3 p1