Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-1612 — Sensitive Information Exposure in IBM Qradar Security Information AND Event Manager

CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

78.4%

top 0.97%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

IBM Qradar Security Information AND Event Manager IBM Qradar Siem

Timeline

PublishedJul 17

Latest updateMay 13

Description

IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDibm/qradar_security_information_and_event_manager7.2.0 — 7.2.8+3

▶CVEListV5ibm/qradar_siem7.2, 7.3+1

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-6gph-3ccw-c7m6: IBM QRadar Incident Forensics (IBM QRadar SIEM 7↗2022-05-13

▶

CVEList

CVE-2018-1612: IBM QRadar Incident Forensics (IBM QRadar SIEM 7↗2018-07-17

▶

💥Exploits & PoCs

Exploit-DB

IBM QRadar SIEM - Remote Code Execution (Metasploit)↗2018-07-11

▶