Tuesday, February 28, 2017

IBM Security Bulletin: IBM QRadar SIEM contains hard-coded credentials (CVE-2016-2880)

An IBM QRadar SIEM user with shell access could obtain the encryption key used to encrypt certain passwords.

CVE(s): CVE-2016-2880

Affected product(s) and affected version(s):

IBM QRadar SIEM 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2lPzhbO
X-Force Database: http://ift.tt/2lknJd1

The post IBM Security Bulletin: IBM QRadar SIEM contains hard-coded credentials (CVE-2016-2880) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2lPxO57
Posted by at

1 comment:

  1. UnknownJune 29, 2017 at 3:10 AM

    IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. Click here for more information.

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)