Monday, July 13, 2020

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (CVE-2020-4364)

Jul 13, 2020 8:00 pm EDT

Categorized: Medium Severity

Share this post:

IBM QRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected product(s) and affected version(s):

IBM QRadar SIEM 7.4.0 to 7.4.0 Patch 2

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 3

 

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6246139



from IBM Product Security Incident Response Team https://ift.tt/38QNaxa

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.