PT-2016-5254 · Ibm · Ibm Security Qradar Siem
Chris Shepherd
+6
·
Publicado
2016-07-02
·
Atualizado
2016-07-06
·
CVE-2016-2868
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security QRadar SIEM versions 7.2.x through 7.2.6
Description
The issue allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Recommendations
For versions 7.2.x through 7.2.6, update to version 7.2.7 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Ibm Security Qradar Siem