CVE-2020-4270 – QRadar Community Edition 7.3.1.6 Insecure File Permissions
https://notcve.org/view.php?id=CVE-2020-4270
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. IBM X-ForceID: 175846. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podría permitir a un usuario local alcanzar privilegios escalados debido a una debilidad de los permisos de archivo. IBM X-ForceID: 175846. QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh. • http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html http://seclists.org/fulldisclosure/2020/Apr/38 https://exchange.xforce.ibmcloud.com/vulnerabilities/175846 https://www.ibm.com/support/pages/node/6189657 • CWE-276: Incorrect Default Permissions •
CVE-2020-4269 – QRadar Community Edition 7.3.1.6 Default Credentials
https://notcve.org/view.php?id=CVE-2020-4269
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, contiene credenciales embebidas, tales como una contraseña o una clave criptográfica, que usa para su propia autenticación de entrada, la comunicación de salida a componentes externos o el cifrado de datos internos. IBM X-ForceID: 175845. QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. • http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html http://seclists.org/fulldisclosure/2020/Apr/34 https://exchange.xforce.ibmcloud.com/vulnerabilities/175845 https://www.ibm.com/support/pages/node/6189711 • CWE-798: Use of Hard-coded Credentials •
CVE-2020-4268
https://notcve.org/view.php?id=CVE-2020-4268
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 175841. IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista, conllevando a una divulgación de credenciales en una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175841 https://www.ibm.com/support/pages/node/6189639 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-4654
https://notcve.org/view.php?id=CVE-2019-4654
IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-ForceID: 170965. IBM QRadar versiones 7.3.0 hasta la versión 7.3.3, Parche 2 no comprueba, o comprueba inapropiadamente, un certificado que podría permitir a un atacante suplantar una entidad confiable usando un ataque de tipo man-in-the-middle (MITM). IBM X-ForceID: 170965. • https://exchange.xforce.ibmcloud.com/vulnerabilities/170965 https://www.ibm.com/support/pages/node/6189723 • CWE-295: Improper Certificate Validation •
CVE-2019-4594
https://notcve.org/view.php?id=CVE-2019-4594
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-ForceID: 167810. IBM QRadar versiones 7.3.0 hasta la versión 7.3.3, Parche 2, podría permitir a un atacante remoto obtener información confidencial, debido al fallo para habilitar apropiadamente HTTP Strict Transport Security. Un atacante podría explotar esta vulnerabilidad para obtener información confidencial usando técnicas de tipo "man in the middle". • https://exchange.xforce.ibmcloud.com/vulnerabilities/167810 https://www.ibm.com/support/pages/node/6189735 • CWE-319: Cleartext Transmission of Sensitive Information •