CVE-2016-9738

IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 119783.

Affected Software

Name	Vendor	Start Version	End Version
Qradar_security_information_and_event_manager	Ibm	7.2.0 (including)	7.2.0 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.1 (including)	7.2.1 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.2 (including)	7.2.2 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.3 (including)	7.2.3 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.4 (including)	7.2.4 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.5 (including)	7.2.5 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.6 (including)	7.2.6 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.7 (including)	7.2.7 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8 (including)	7.2.8 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p1 (including)	7.2.8-p1 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p2 (including)	7.2.8-p2 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p3 (including)	7.2.8-p3 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p4 (including)	7.2.8-p4 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p5 (including)	7.2.8-p5 (including)
Qradar_security_information_and_event_manager	Ibm	7.2.8-p6 (including)	7.2.8-p6 (including)
Qradar_security_information_and_event_manager	Ibm	7.3.0 (including)	7.3.0 (including)
Qradar_security_information_and_event_manager	Ibm	7.3.0-p1 (including)	7.3.0-p1 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9738
CWE	https://cwe.mitre.org/data/definitions/254.html

Affected Software

References