Wednesday, June 3, 2020

Security Bulletin: IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack (CVE-2020-4509)

IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data

Affected product(s) and affected version(s):

All SDEE protocol versions before 7.3.0-QRADAR-PROTOCOL-SDEE-7.3-20200429181957

All SDEE protocol versions before 7.4.0-QRADAR-PROTOCOL-SDEE-7.4-20200429181942

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6220154

The post Security Bulletin: IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack (CVE-2020-4509) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2Xt7ror
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)