CVE-2016-9726Improper Input Validation in IBM Qradar Incident Forensics

CWE-20Improper Input Validation3 documents3 sources
Severity
8.8HIGHNVD
EPSS
1.5%
top 19.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Qradar Incident ForensicsIBM Qradar Security Information AND Event Manager
Timeline
PublishedMar 7
Latest updateMay 17

Description

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-pc86-8x4w-cr47: IBM QRadar Incident Forensics 72022-05-17
CVEList
CVE-2016-9726: IBM QRadar Incident Forensics 72017-03-07
CVE-2016-9726 — Improper Input Validation in IBM | cvebase