IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.
Weakness
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qradar_security_information_and_event_manager | Ibm | 7.5.0 (including) | 7.5.0 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_1 (including) | 7.5.0-update_pack_1 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_10 (including) | 7.5.0-update_pack_10 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_11 (including) | 7.5.0-update_pack_11 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_12 (including) | 7.5.0-update_pack_12 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_13 (including) | 7.5.0-update_pack_13 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_13_interim_fix_01 (including) | 7.5.0-update_pack_13_interim_fix_01 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_13_interim_fix_02 (including) | 7.5.0-update_pack_13_interim_fix_02 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_2 (including) | 7.5.0-update_pack_2 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_3 (including) | 7.5.0-update_pack_3 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_4 (including) | 7.5.0-update_pack_4 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_5 (including) | 7.5.0-update_pack_5 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_6 (including) | 7.5.0-update_pack_6 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_7 (including) | 7.5.0-update_pack_7 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_8 (including) | 7.5.0-update_pack_8 (including) |
| Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_9 (including) | 7.5.0-update_pack_9 (including) |