CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1730
https://notcve.org/view.php?id=CVE-2018-1730
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147709. Las versiones 7.2 y 7.3 de IBM QRadar SIEM son vulnerables a ataques de tipo XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de la memoria. • https://exchange.xforce.ibmcloud.com/vulnerabilities/147709 https://www.ibm.com/support/docview.wss?uid=ibm10742741&myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.0EPSS: 0%CPEs: 21EXPL: 0CVE-2018-1571
https://notcve.org/view.php?id=CVE-2018-1571
IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 143121. IBM QRadar en sus versiones 7.2 y 7.3 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema. Un atacante podría explotar esta vulnerabilidad para ejecutar comandos arbitrarios en el sistema mediante el envío de una petición especialmente manipulada. • http://www.securityfocus.com/bid/105333 https://exchange.xforce.ibmcloud.com/vulnerabilities/143121 https://www-01.ibm.com/support/docview.wss?uid=ibm10729701 •
CVSS: 5.8EPSS: 1%CPEs: 18EXPL: 2CVE-2018-1612 – IBM QRadar SIEM Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-1612
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164. IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2 y 7.3) podría permitir que un atacante remoto omita la autenticación y obtenga información sensible. IBM X-Force ID: 144164. • https://www.exploit-db.com/exploits/45005 http://www-01.ibm.com/support/docview.wss?uid=swg22017062 https://exchange.xforce.ibmcloud.com/vulnerabilities/144164 https://blogs.securiteam.com/index.php/archives/3689 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/IBM/ibm-qradar-siem-forensics.txt https://seclists.org/fulldisclosure/2018/May/54 http://www-01.ibm.com/support/docview.wss?uid=swg22015797 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2017-1721
https://notcve.org/view.php?id=CVE-2017-1721
IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated user to execute code remotely with lower level privileges under unusual circumstances. IBM X-Force ID: 134810. IBM Security QRadar SIEM 7.2 y 7.3 podría permitir que un usuario no autenticado ejecute código remoto con privilegios de bajo nivel bajo circunstancias inusuales. IBM X-Force ID: 134810. • http://www.ibm.com/support/docview.wss?uid=swg22015799 https://exchange.xforce.ibmcloud.com/vulnerabilities/134810 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 7%CPEs: 17EXPL: 2CVE-2018-1418 – IBM QRadar SIEM Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-1418
IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824. IBM Security QRadar SIEM 7.2 y 7.3 podrían permitir que un usuario omita la autenticación, lo que podría conducir a una ejecución de código. IBM X-Force ID: 138824. IBM QRadar SIEM versions prior to 7.3.1 Patch 3 or 7.2.8 Patch 28 suffer from authentication bypass, code execution, and privilege escalation vulnerabilities. • https://www.exploit-db.com/exploits/45005 http://www.ibm.com/support/docview.wss?uid=swg22015797 https://exchange.xforce.ibmcloud.com/vulnerabilities/138824 https://blogs.securiteam.com/index.php/archives/3689 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/IBM/ibm-qradar-siem-forensics.txt https://seclists.org/fulldisclosure/2018/May/54 http://www-01.ibm.com/support/docview.wss?uid=swg22015797 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux& • CWE-287: Improper Authentication •