Access Restriction Bypass Vulnerability in IBM QRadar SIEM
CVE-2016-2881

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Qradar Security Information And Event Manager
Vendor: CVE Published:; 30 November 2016

Summary

IBM QRadar SIEM and QRadar Incident Forensics contain a vulnerability that allows remote attackers to bypass intended access restrictions. This can be achieved through the manipulation of request parameters, potentially exposing sensitive data and leading to unauthorized access. Users are advised to apply the necessary patches to protect their systems.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21987777

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 30, 2016
Vulnerability Reserved
Mar 9, 2016