PT-2016-3594 · Ibm · Ibm Security Qradar Siem

John Zuccato

Publicado

2016-02-15

Atualizado

2016-02-29

CVE-2015-2008

CVSS v2.0

3.5

Baixa

Vetor

AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Security QRadar SIEM versions 7.1.x through 7.1 MR2 Patch 11 IBM Security QRadar SIEM versions 7.2.x through 7.2.5

Description The issue allows remote authenticated administrators to obtain sensitive information by reading a backup archive because SSH private keys are included during backup operations.

Recommendations For IBM Security QRadar SIEM versions 7.1.x through 7.1 MR2 Patch 11, update to at least 7.1 MR2 Patch 12 to resolve the issue. For IBM Security QRadar SIEM versions 7.2.x through 7.2.5, update to at least 7.2.6 to resolve the issue.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2015-2008

Produtos afetados

Ibm Security Qradar Siem

PT-2016-3594 · Ibm · Ibm Security Qradar Siem

CVE-2015-2008

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2