CVE-2018-1649
published 2018-10-05CVE-2018-1649: IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL…
medium6.5CVSS 3.0
AVNACLPRLUINSUCHINAN
IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | qradar_incident_forensics | — | — |
| ibm | qradar_incident_forensics | — | — |
| ibm | qradar_incident_forensics | — | — |
| ibm | qradar_incident_forensics | — | — |
| ibm | qradar_incident_forensics | 7.2.0 – 7.2.8 | — |
| ibm | qradar_incident_forensics | 7.3.0 – 7.3.1 | — |