PT-2023-2980 · Ibm · Ibm Qradar Wincollect Agent
Ben Goodspeed
+8
·
Published
2023-05-08
·
Updated
2023-06-07
·
CVE-2023-26277
CVSS v3.1
7.8
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM QRadar WinCollect Agent versions 10.0 through 10.1.3
Description
The issue is related to insufficient access control in the IBM QRadar WinCollect Agent, which could allow a local user to execute commands on the system due to execution with unnecessary privileges. This could potentially enable an attacker to elevate their privileges and execute arbitrary commands.
Recommendations
For IBM QRadar WinCollect Agent versions 10.0 through 10.1.3, consider restricting the execution of the agent to only necessary privileges as a temporary workaround until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Qradar Wincollect Agent