CVSS: 8.8EPSS: 4%CPEs: 5EXPL: 2CVE-2020-4272 – QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation
https://notcve.org/view.php?id=CVE-2020-4272
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un atacante remoto incluir archivos arbitrarios. Un atacante remoto podría enviar una petición especialmente diseñada para especificar un archivo malicioso desde un sistema remoto, que podría permitir al atacante ejecutar código arbitrario en el servidor vulnerable. • http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html http://seclists.org/fulldisclosure/2020/Apr/40 https://exchange.xforce.ibmcloud.com/vulnerabilities/175898 https://www.ibm.com/support/pages/node/6189645 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 2%CPEs: 5EXPL: 1CVE-2020-4271 – QRadar Community Edition 7.3.1.6 PHP Object Injection
https://notcve.org/view.php?id=CVE-2020-4271
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un usuario autentificado enviar un comando especialmente diseñado que sería ejecutado como un usuario poco privilegiado. IBM X-ForceID: 175897. QRadar Community Edition version 7.3.1.6 suffers from a php object injection vulnerability. • http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html http://seclists.org/fulldisclosure/2020/Apr/39 https://exchange.xforce.ibmcloud.com/vulnerabilities/175897 https://www.ibm.com/support/pages/node/6189651 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 2CVE-2020-4270 – QRadar Community Edition 7.3.1.6 Insecure File Permissions
https://notcve.org/view.php?id=CVE-2020-4270
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un usuario local alcanzar privilegios escalados debido a una debilidad de los permisos de archivo. IBM X-ForceID: 175846. QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh. • http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html http://seclists.org/fulldisclosure/2020/Apr/38 https://exchange.xforce.ibmcloud.com/vulnerabilities/175846 https://www.ibm.com/support/pages/node/6189657 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2020-4269 – QRadar Community Edition 7.3.1.6 Default Credentials
https://notcve.org/view.php?id=CVE-2020-4269
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, contiene credenciales embebidas, tales como una contraseña o una clave criptográfica, que usa para su propia autenticación de entrada, la comunicación de salida a componentes externos o el cifrado de datos internos. IBM X-ForceID: 175845. QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. • http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html http://seclists.org/fulldisclosure/2020/Apr/34 https://exchange.xforce.ibmcloud.com/vulnerabilities/175845 https://www.ibm.com/support/pages/node/6189711 • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4268
https://notcve.org/view.php?id=CVE-2020-4268
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 175841. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista, conllevando a una divulgación de credenciales en una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175841 https://www.ibm.com/support/pages/node/6189639 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •