Jul 13, 2020 8:00 pm EDT
Categorized: High Severity
Share this post:
IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Affected product(s) and affected version(s):
IBM QRadar SIEM 7.4.0 to 7.4.0 Patch 2
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6246133
from IBM Product Security Incident Response Team https://ift.tt/3ftvwSx
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.