The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
CVE(s): CVE-2016-2881
Affected product(s) and affected version(s):
· IBM QRadar SIEM 7.2.n
· IBM QRadar SIEM 7.1.n
· IBM QRadar Incident Forensics 7.2.n
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2aj2UsZ
X-Force Database: http://ift.tt/2ajVUz8
from IBM Product Security Incident Response Team http://ift.tt/2aj2tPl
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.