The Log file protocol could allow permissions to a resource to be read or modified by unintended actors.
CVE(s): CVE-2018-2024
Affected product(s) and affected version(s):
7.2.0-QRADAR-PROTOCOL-LogFileProtocol-7.2-20180625094737 and prior 7.3.0-QRADAR-PROTOCOL-LogFileProtocol-7.3-20180625134822 and prior
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155350
The post IBM Security Bulletin: An IBM QRadar SIEM protocol is vulnerable to Incorrect Permission Assignment (CVE-2018-2024) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2Gi3M3P
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.