Permission Misconfiguration in IBM QRadar Security Software
CVE-2017-1624

4.2MEDIUM

Key Information:

Vendor
IBM
Status
Security Qradar Siem
Vendor
CVE Published:
4 April 2018

Summary

The IBM QRadar products, specifically versions 7.3 and 7.3.1, suffer from a misconfiguration that affects permissions for critical security resources. This flaw permits unauthorized users to read or alter sensitive information, potentially undermining the integrity and confidentiality of the system. Organizations using these versions should implement the recommended patches or upgrades to mitigate the risks associated with this vulnerability.

Affected Version(s)

Security QRadar SIEM 7.3

Security QRadar SIEM 7.3.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/133122
x_refsource_MISC
http://www.ibm.com/support/docview.wss?uid=swg22015236
x_refsource_CONFIRM

CVSS V3.1

Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.