SymmetricalDataSecurity: IBM Security Bulletin: IBM QRadar SIEM is vulnerable to SQL Injection. (CVE-2017-1722)

Wednesday, April 25, 2018

IBM Security Bulletin: IBM QRadar SIEM is vulnerable to SQL Injection. (CVE-2017-1722)

Apr 25, 2018 9:01 am EDT

Share this post:

QRadar used an insecure method for generating SQL query and as such was vulnerable to SQL injection where an attacker injects arbitrary SQL into database queries in order to retrieve information from the database.

CVE(s): CVE-2017-1722

Affected product(s) and affected version(s):

IBM QRadar SIEM 7.3.0 – 7.3.0 Patch 7

IBM QRadar 7.2.0 to 7.2.8 Patch 11

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22015802
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134811

from IBM Product Security Incident Response Team https://ift.tt/2FdkRbO

SymmetricalDataSecurity

Wednesday, April 25, 2018

IBM Security Bulletin: IBM QRadar SIEM is vulnerable to SQL Injection. (CVE-2017-1722)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews