IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker that is able to comprimise or spoof traffic between hosts may be able to execute arbitrary commands. IBM X-Force D: 192538.
2021-05-05T16:15:07.747
2024-11-21T05:33:30.197
Modified
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | qradar_security_information_and_event_manager | < 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | < 7.4.2 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.3.3 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.4.2 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.4.2 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.4.2 | Yes |