Sensitive Information Exposure in IBM QRadar SIEM Product
CVE-2016-2871

7.8HIGH

Key Information:

Vendor: IBM
Status: Qradar Security Information And Event Manager
Vendor: CVE Published:; 30 November 2016

What is CVE-2016-2871?

IBM QRadar SIEM versions 7.1 prior to MR2 Patch 13 and 7.2 prior to 7.2.7 store certain sensitive passwords in cleartext format. This security oversight enables local users to access and read critical configuration files, potentially compromising the confidentiality of sensitive information managed by the security information and event management system.

References

http://www.securityfocus.com/bid/94861

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21987769

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 30, 2016
Vulnerability Reserved
Mar 9, 2016