CVE-2016-2872

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Qradar Security Information And Event Manager
Security Qradar Incident Forensics
Vendor
CVE Published:
2 July 2016

Summary

Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21985775
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.