Security Bulletin
Summary
IBM QRadar 7.2 MR2 contains SQL Injection and Incorrect Handling of SSH Connection vulnerabilities .
Vulnerability Details
CVE ID: CVE-2014-4824
DESCRIPTION: IBM QRadar is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
The attack requires authentication, but not local network access or specialized knowledge and techniques. An exploit could affect the integrity of data, confidentiality of information, and the availability of the system.
CVSS:
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95574 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVE ID: CVE-2014-4826
DESCRIPTION: IBM QRadar is vulnerable due to incorrect handling of SSH connections. A remote attacker could exploit this vulnerability by capturing network traffic to obtain plain-text credentials and other sensitive information.
The attack does not require local network access or authentication, but some specialized knowledge and techniques are required. An exploit would not affect the integrity of data or availability of the system, but it could impact the confidentiality of information.
CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95576 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM QRadar 7.2 MR2
Remediation/Fixes
- IBM QRadar 7.2 MR3 - QRadar 7.2.3 Patch 1
NOTE: For the SSH connection vulnerability, view the IBM QRadar Admin Guide for 7.2 MR3 in the Create Scan Profiles for help on how to configure SSH keys for scanner profiles.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21684448