Thursday, July 18, 2019

IBM Security Bulletin: An IBM QRadar SIEM protocol is vulnerable to Incorrect Permission Assignment (CVE-2018-2024)

The Log file protocol could allow permissions to a resource to be read or modified by unintended actors.

CVE(s): CVE-2018-2024

Affected product(s) and affected version(s):
7.2.0-QRADAR-PROTOCOL-LogFileProtocol-7.2-20180625094737 and prior 7.3.0-QRADAR-PROTOCOL-LogFileProtocol-7.3-20180625134822 and prior

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155350

The post IBM Security Bulletin: An IBM QRadar SIEM protocol is vulnerable to Incorrect Permission Assignment (CVE-2018-2024) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2Gi3M3P
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)