PT-2016-3594 · Ibm · Ibm Security Qradar Siem

John Zuccato

Published

2016-02-15

Updated

2016-02-29

CVE-2015-2008

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Security QRadar SIEM versions 7.1.x through 7.1 MR2 Patch 11 IBM Security QRadar SIEM versions 7.2.x through 7.2.5

Description The issue allows remote authenticated administrators to obtain sensitive information by reading a backup archive because SSH private keys are included during backup operations.

Recommendations For IBM Security QRadar SIEM versions 7.1.x through 7.1 MR2 Patch 11, update to at least 7.1 MR2 Patch 12 to resolve the issue. For IBM Security QRadar SIEM versions 7.2.x through 7.2.5, update to at least 7.2.6 to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2015-2008

Affected Products

Ibm Security Qradar Siem

PT-2016-3594 · Ibm · Ibm Security Qradar Siem

CVE-2015-2008

Weakness Enumeration

Related Identifiers

Affected Products

References · 2