Remote Code Injection Vulnerability in IBM QRadar WinCollect Agent
CVE-2024-51462

4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
17 January 2025

Summary

The IBM QRadar WinCollect Agent versions 10.0.0 through 10.1.12 are susceptible to a remote code injection vulnerability caused by improper input validation of internal parameters. This could allow an attacker to inject malicious XML data, potentially compromising the integrity of the system and exposing sensitive information. Organizations using affected versions are urged to review their security posture and apply necessary mitigations as outlined by IBM.

Affected Version(s)

QRadar WinCollect Agent 10.0.0 <= 10.1.12

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.