CVE-2018-1730

Name of the Vulnerable Software and Affected Versions IBM QRadar SIEM versions 7.2 through 7.3

Description The issue is related to incorrect restriction of XML links to external objects, which can be exploited by a remote attacker to expose sensitive information or consume memory resources. This can be achieved through a XML External Entity Injection (XXE) attack when processing XML data.

Recommendations For IBM QRadar SIEM versions 7.2 and 7.3, update to a version that includes a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting XML data processing to minimize the risk of XXE attacks until a patch is available.