CVE-2020-4364
https://notcve.org/view.php?id=CVE-2020-4364
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178961.
References: https://exchange.xforce.ibmcloud.com/vulnerabilities/178961 https://www.ibm.com/support/pages/node/6246139
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-4509
https://notcve.org/view.php?id=CVE-2020-4509
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 182364.
References: https://exchange.xforce.ibmcloud.com/vulnerabilities/182364 https://www.ibm.com/support/pages/node/6220154
CWE-611: Improper Restriction of XML External Entity Reference
CVE-2020-4294 – QRadar Community Edition 7.3.1.6 Server Side Request Forgery
https://notcve.org/view.php?id=CVE-2020-4294
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 176404.
References: http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html http://seclists.org/fulldisclosure/2020/Apr/35 https://exchange.xforce.ibmcloud.com/vulnerabilities/176404 https://www.ibm.com/support/pages/node/6189663
CWE-918: Server-Side Request Forgery (SSRF)
CVE-2020-4274 – QRadar Community Edition 7.3.1.6 Authorization Bypass
https://notcve.org/view.php?id=CVE-2020-4274
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks. IBM X-Force ID: 175980. QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.
References: http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html http://seclists.org/fulldisclosure/2020/Apr/41 https://exchange.xforce.ibmcloud.com/vulnerabilities/175980 https://www.ibm.com/support/pages/node/6189705
CWE-276: Incorrect Default Permissions
CVE-2020-4272 – QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation
https://notcve.org/view.php?id=CVE-2020-4272
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially crafted request specifying a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 175898.
References: http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html http://seclists.org/fulldisclosure/2020/Apr/40 https://exchange.xforce.ibmcloud.com/vulnerabilities/175898 https://www.ibm.com/support/pages/node/6189645
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-502: Deserialization of Untrusted Data