Denial of Service Vulnerability in IBM QRadar Incident Forensics
CVE-2018-1647

7.5HIGH

Key Information:

Vendor: IBM
Status: Qradar Incident Forensics
Vendor: CVE Published:; 5 October 2018

Summary

IBM QRadar Incident Forensics versions 7.2 and 7.3 are susceptible to a denial of service vulnerability due to improper restrictions on resource requests. An unauthenticated user may exploit this flaw to initiate requests that overwhelm the system, leading to potential service disruption. The vulnerability underscores the need for robust security measures to regulate resource access and ensure uninterrupted service.

Affected Version(s)

QRadar Incident Forensics 7.2

QRadar Incident Forensics 7.3

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/144650

vdb-entryx_refsource_XF

https://www.ibm.com/support/docview.wss?uid=ibm10729705

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 5, 2018
Vulnerability Reserved
Dec 13, 2017