CVE-2016-2874

low-risk

Published 2016-11-30

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

Do I need to act?

-

0.12% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

3

CVSS 3.1/10 Low

NETWORK / HIGH complexity

Affected Products (8)

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Qradar Security Information And Event Manager

Affected Vendors

Ibm

References (4)

Patch http://www-01.ibm.com/support/docview.wss?uid=swg21987771

http://www.securityfocus.com/bid/95003

Patch http://www-01.ibm.com/support/docview.wss?uid=swg21987771

http://www.securityfocus.com/bid/95003

26

/ 100

low-risk

Severity 11/34 · Low

Exploitability 1/34 · Minimal

Exposure 14/34 · Moderate