CVE-2020-4509
https://notcve.org/view.php?id=CVE-2020-4509
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182364.
References:
• https://exchange.xforce.ibmcloud.com/vulnerabilities/182364
• https://www.ibm.com/support/pages/node/6220154
Weakness: CWE-611: Improper Restriction of XML External Entity Reference
CVE-2020-4294 – QRadar Community Edition 7.3.1.6 Server Side Request Forgery
https://notcve.org/view.php?id=CVE-2020-4294
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 176404.
References:
• http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html
• http://seclists.org/fulldisclosure/2020/Apr/35
• https://exchange.xforce.ibmcloud.com/vulnerabilities/176404
• https://www.ibm.com/support/pages/node/6189663
Weakness: CWE-918: Server-Side Request Forgery (SSRF)
CVE-2020-4274 – QRadar Community Edition 7.3.1.6 Authorization Bypass
https://notcve.org/view.php?id=CVE-2020-4274
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks. IBM X-Force ID: 175980. QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.
References:
• http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html
• http://seclists.org/fulldisclosure/2020/Apr/41
• https://exchange.xforce.ibmcloud.com/vulnerabilities/175980
• https://www.ibm.com/support/pages/node/6189705
Weakness: CWE-276: Incorrect Default Permissions
CVE-2020-4272 – QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation
https://notcve.org/view.php?id=CVE-2020-4272
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially crafted request specifying a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 175898.
References:
• http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html
• http://seclists.org/fulldisclosure/2020/Apr/40
• https://exchange.xforce.ibmcloud.com/vulnerabilities/175898
• https://www.ibm.com/support/pages/node/6189645
Weaknesses: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'); CWE-502: Deserialization of Untrusted Data
CVE-2020-4271 – QRadar Community Edition 7.3.1.6 PHP Object Injection
https://notcve.org/view.php?id=CVE-2020-4271
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-Force ID: 175897. QRadar Community Edition version 7.3.1.6 suffers from a PHP object injection vulnerability.
References:
• http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html
• http://seclists.org/fulldisclosure/2020/Apr/39
• https://exchange.xforce.ibmcloud.com/vulnerabilities/175897
• https://www.ibm.com/support/pages/node/6189651
Weakness: CWE-502: Deserialization of Untrusted Data