CVE-2021-29863

Name of the Vulnerable Software and Affected Versions IBM QRadar SIEM versions 7.3 through 7.4

Description The issue is related to insufficient validation of incoming requests, which can be exploited by a remote attacker to perform a Server Side Request Forgery (SSRF) attack by sending specially crafted requests. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Recommendations For IBM QRadar SIEM versions 7.3 and 7.4, consider restricting access to the system to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the functionality that allows sending requests from the system to mitigate the risk of SSRF attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.