CVE-2019-4672IBM Qradar Advisor vulnerability

3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 64.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Qradar Advisor
Timeline
PublishedFeb 25
Latest updateMay 24

Description

IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDibm/qradar_advisor1.12.5.1
CVEListV5ibm/qradar_advisor1.1, 2.5+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-6vj2-ch3r-gcc3: IBM QRadar Advisor 12022-05-24
CVEList
CVE-2019-4672: IBM QRadar Advisor 12020-02-25
CVE-2019-4672 — IBM Qradar Advisor vulnerability | cvebase