CVE-2015-2007

5MEDIUM

Key Information:

Vendor
IBM
Status
Qradar Security Information And Event Manager
Vendor
CVE Published:
3 January 2016

Summary

Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows remote authenticated users to read arbitrary files via a crafted URL.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21967647
x_refsource_CONFIRM

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.