CVE-2020-4269
QRadar Community Edition 7.3.1.6 Default Credentials
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845.
IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, contiene credenciales embebidas, tales como una contraseña o una clave criptográfica, que usa para su propia autenticación de entrada, la comunicación de salida a componentes externos o el cifrado de datos internos. IBM X-ForceID: 175845.
QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-30 CVE Reserved
- 2020-04-15 CVE Published
- 2024-09-10 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (4)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html | 2024-09-16 | |
| http://seclists.org/fulldisclosure/2020/Apr/34 | 2024-09-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/175845 | 2022-06-29 | |
| https://www.ibm.com/support/pages/node/6189711 | 2022-06-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | >= 7.3.0 < 7.3.3 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version " >= 7.3.0 < 7.3.3" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.3.3 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.3.3" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.3.3 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.3.3" | p1 |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.3.3 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.3.3" | p2 |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|