PT-2016-5255 · Ibm · Ibm Qradar Siem
Chris Shepherd
+6
·
Publicado
2016-11-30
·
Atualizado
2016-12-15
·
CVE-2016-2869
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM QRadar SIEM versions 7.1 before MR2 Patch 13
IBM QRadar SIEM versions 7.2 before 7.2.7
Description
The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the UI of IBM QRadar SIEM. These vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML via crafted fields in a URL.
Recommendations
For IBM QRadar SIEM version 7.1, update to at least MR2 Patch 13 to resolve the issue.
For IBM QRadar SIEM version 7.2, update to at least version 7.2.7 to resolve the issue.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Qradar Siem