CVE-2018-1571
https://notcve.org/view.php?id=CVE-2018-1571
IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 143121.
• http://www.securityfocus.com/bid/105333
• https://exchange.xforce.ibmcloud.com/vulnerabilities/143121
• https://www-01.ibm.com/support/docview.wss?uid=ibm10729701
CVE-2018-1612 – IBM QRadar SIEM - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-1612
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2 and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.
• https://www.exploit-db.com/exploits/45005
• http://www-01.ibm.com/support/docview.wss?uid=swg22017062
• https://exchange.xforce.ibmcloud.com/vulnerabilities/144164
• https://blogs.securiteam.com/index.php/archives/3689
• https://raw.githubusercontent.com/pedrib/PoC/master/advisories/IBM/ibm-qradar-siem-forensics.txt
• https://seclists.org/fulldisclosure/2018/May/54
• http://www-01.ibm.com/support/docview.wss?uid=swg22015797
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-1722
https://notcve.org/view.php?id=CVE-2017-1722
IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 134811.
• http://www.ibm.com/support/docview.wss?uid=swg22015802
• https://exchange.xforce.ibmcloud.com/vulnerabilities/134811
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2017-1721
https://notcve.org/view.php?id=CVE-2017-1721
IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated user to execute code remotely with lower level privileges under unusual circumstances. IBM X-Force ID: 134810.
• http://www.ibm.com/support/docview.wss?uid=swg22015799
• https://exchange.xforce.ibmcloud.com/vulnerabilities/134810
• CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2018-1418 – IBM QRadar SIEM - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-1418
IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824. IBM QRadar SIEM versions prior to 7.3.1 Patch 3 or 7.2.8 Patch 28 suffer from authentication bypass, code execution, and privilege escalation vulnerabilities.
• https://www.exploit-db.com/exploits/45005
• http://www.ibm.com/support/docview.wss?uid=swg22015797
• https://exchange.xforce.ibmcloud.com/vulnerabilities/138824
• https://blogs.securiteam.com/index.php/archives/3689
• https://raw.githubusercontent.com/pedrib/PoC/master/advisories/IBM/ibm-qradar-siem-forensics.txt
• https://seclists.org/fulldisclosure/2018/May/54
• http://www-01.ibm.com/support/docview.wss?uid=swg22015797
• CWE-287: Improper Authentication