CVE Vulnerabilities

CVE-2016-2881

Published: Nov 30, 2016 | Modified: Dec 01, 2016
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 before 7.2.7 allow remote attackers to bypass intended access restrictions via modified request parameters.

Affected Software

Name Vendor Start Version End Version
Qradar_security_information_and_event_manager Ibm * 7.1.0 (including)
Qradar_security_information_and_event_manager Ibm 7.2.0 (including) 7.2.0 (including)
Qradar_security_information_and_event_manager Ibm 7.2.1 (including) 7.2.1 (including)
Qradar_security_information_and_event_manager Ibm 7.2.2 (including) 7.2.2 (including)
Qradar_security_information_and_event_manager Ibm 7.2.3 (including) 7.2.3 (including)
Qradar_security_information_and_event_manager Ibm 7.2.4 (including) 7.2.4 (including)
Qradar_security_information_and_event_manager Ibm 7.2.5 (including) 7.2.5 (including)
Qradar_security_information_and_event_manager Ibm 7.2.6 (including) 7.2.6 (including)

References