Local Privilege Escalation in IBM QRadar SIEM by IBM
CVE-2021-39088

7.4HIGH

Key Information:

Vendor: IBM
Status: Qradar Siem
Vendor: CVE Published:; 28 July 2022

Summary

IBM QRadar SIEM versions 7.3, 7.4, and 7.5 have a vulnerability that allows for local privilege escalation. This flaw can be exploited when combined with other undisclosed vulnerabilities, potentially allowing attackers to gain elevated privileges within the affected system. Users are advised to apply security patches and evaluate their systems to mitigate associated risks.

Affected Version(s)

QRadar SIEM 7.3

QRadar SIEM 7.4

QRadar SIEM 7.5

References

https://www.ibm.com/support/pages/node/6607129

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/216111

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 28, 2022
Vulnerability Reserved
Aug 16, 2021