CVSS: 6.5EPSS: 2%CPEs: 5EXPL: 1CVE-2020-4271 – QRadar Community Edition 7.3.1.6 PHP Object Injection
https://notcve.org/view.php?id=CVE-2020-4271
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un usuario autentificado enviar un comando especialmente diseñado que sería ejecutado como un usuario poco privilegiado. IBM X-ForceID: 175897. QRadar Community Edition version 7.3.1.6 suffers from a php object injection vulnerability. • http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html http://seclists.org/fulldisclosure/2020/Apr/39 https://exchange.xforce.ibmcloud.com/vulnerabilities/175897 https://www.ibm.com/support/pages/node/6189651 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 2CVE-2020-4270 – QRadar Community Edition 7.3.1.6 Insecure File Permissions
https://notcve.org/view.php?id=CVE-2020-4270
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un usuario local alcanzar privilegios escalados debido a una debilidad de los permisos de archivo. IBM X-ForceID: 175846. QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh. • http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html http://seclists.org/fulldisclosure/2020/Apr/38 https://exchange.xforce.ibmcloud.com/vulnerabilities/175846 https://www.ibm.com/support/pages/node/6189657 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2020-4269 – QRadar Community Edition 7.3.1.6 Default Credentials
https://notcve.org/view.php?id=CVE-2020-4269
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, contiene credenciales embebidas, tales como una contraseña o una clave criptográfica, que usa para su propia autenticación de entrada, la comunicación de salida a componentes externos o el cifrado de datos internos. IBM X-ForceID: 175845. QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. • http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html http://seclists.org/fulldisclosure/2020/Apr/34 https://exchange.xforce.ibmcloud.com/vulnerabilities/175845 https://www.ibm.com/support/pages/node/6189711 • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4268
https://notcve.org/view.php?id=CVE-2020-4268
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 175841. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista, conllevando a una divulgación de credenciales en una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175841 https://www.ibm.com/support/pages/node/6189639 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-4654
https://notcve.org/view.php?id=CVE-2019-4654
IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-ForceID: 170965. IBM QRadar versiones 7.3.0 hasta la versión 7.3.3, Parche 2 no comprueba, o comprueba inapropiadamente, un certificado que podría permitir a un atacante suplantar una entidad confiable usando un ataque de tipo man-in-the-middle (MITM). IBM X-ForceID: 170965. • https://exchange.xforce.ibmcloud.com/vulnerabilities/170965 https://www.ibm.com/support/pages/node/6189723 • CWE-295: Improper Certificate Validation •