PT-2020-18094 · Ibm · Wincollect+1

Ilias Dimopoulos

Published

2020-08-11

Updated

2020-09-23

CVE-2020-4485

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.2.0 through 7.2.9

Description The issue allows an authenticated user to disable the Wincollect service, which could aid an attacker in bypassing security mechanisms in future attacks.

Recommendations For IBM QRadar versions 7.2.0 through 7.2.9, consider restricting access to the Wincollect service to prevent its disablement until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-4485

Affected Products

Ibm Qradar

Wincollect

PT-2020-18094 · Ibm · Wincollect+1

CVE-2020-4485

Related Identifiers

Affected Products

References · 5