Cross-Site Request Forgery Vulnerability in IBM QRadar SIEM
CVE-2016-2878
8HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 30 November 2016
Summary
IBM QRadar SIEM is vulnerable to multiple cross-site request forgery (CSRF) issues. These vulnerabilities enable attackers to manipulate user sessions and execute unauthorized commands, compromising the integrity of users' authentication. If exploited, the attacker can potentially insert malicious scripts, leading to further security breaches. Users are advised to update their installations to the latest patches to mitigate the risks associated with this vulnerability.
References
CVSS V3.1
Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved