CVE-2020-4511

Name of the Vulnerable Software and Affected Versions IBM QRadar SIEM versions 7.3 through 7.4

Description The issue allows an authenticated user to cause a denial of service of the qflow process by sending a malformed sflow command.

Recommendations For IBM QRadar SIEM versions 7.3 and 7.4, consider restricting access to the sflow command to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider implementing additional validation on incoming sflow commands to prevent malformed requests from causing a denial of service.