CVE-2020-4280
published 2020-10-08
Priority P2 · 75 · high · 8.8 · CVSS 3.1
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
73.45%
99.4th percentile
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 176140.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | qradar_security_information_and_event_manager | — | — |
| ibm | qradar_security_information_and_event_manager | 7.3.0 – 7.3.3 | — |
| ibm | qradar_security_information_and_event_manager | 7.4.0 – 7.4.1 | — |
| ibm | qradar_siem | — | — |
| ibm | qradar_siem | — | — |
| ibm | qradar_siem | — | — |
| ibm | qradar_siem | — | — |
CVSS provenance
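| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 6.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vendor_redhat | — | 9.6 | CRITICAL | — |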
GHSA
GHSA-m56g-8mxc-8694: IBM QRadar SIEM 7
ghsa_unreviewed·2022-05-24
CVE-2020-4280 [HIGH] CWE-502 GHSA-m56g-8mxc-8694: IBM QRadar SIEM 7
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 176140.
Red Hat
chromium-browser: Uninitialized Use in V8
vendor_redhat·2020-12-02·CVSS 6.5
CVE-2020-16042 [MEDIUM] chromium-browser: Uninitialized Use in V8
chromium-browser: Uninitialized Use in V8
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
The Mozilla Foundation Security Advisory describes this flaw as:
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read.
Package: thunderbird (Red Hat Enterprise Linux 5) - Out of support scope
Package: firefox (Red Hat Enterprise Linux 6) - Out of support scope
Package: thunderbird (Red Hat Enterprise Linux 6) - Out of support scope
Red Hat
chromium-browser: Use after free in payments
vendor_redhat·2020-11-17·CVSS 9.6
CVE-2020-16018 [CRITICAL] chromium-browser: Use after free in payments
chromium-browser: Use after free in payments
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Inappropriate implementation in cryptohome
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16020 [HIGH] chromium-browser: Inappropriate implementation in cryptohome
chromium-browser: Inappropriate implementation in cryptohome
Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
Mozilla: Variable time processing of cross-origin images during drawImage calls
vendor_redhat·2020-11-17·CVSS 4.3
CVE-2020-16012 [MEDIUM] CWE-829 Mozilla: Variable time processing of cross-origin images during drawImage calls
Mozilla: Variable time processing of cross-origin images during drawImage calls
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Package: firefox (Red Hat Enterprise Linux 5) - Out of support scope
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Insufficient policy enforcement in networking
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16022 [HIGH] chromium-browser: Insufficient policy enforcement in networking
chromium-browser: Insufficient policy enforcement in networking
Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Insufficient data validation in cros-disks
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16035 [HIGH] chromium-browser: Insufficient data validation in cros-disks
chromium-browser: Insufficient data validation in cros-disks
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Incorrect security UI in tab preview
vendor_redhat·2020-11-17·CVSS 4.3
CVE-2020-16031 [MEDIUM] chromium-browser: Incorrect security UI in tab preview
chromium-browser: Incorrect security UI in tab preview
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Incorrect security UI in sharing
vendor_redhat·2020-11-17·CVSS 4.3
CVE-2020-16032 [MEDIUM] chromium-browser: Incorrect security UI in sharing
chromium-browser: Incorrect security UI in sharing
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Inappropriate implementation in PDFium
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16029 [HIGH] chromium-browser: Inappropriate implementation in PDFium
chromium-browser: Inappropriate implementation in PDFium
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Insufficient policy enforcement in developer tools
vendor_redhat·2020-11-17·CVSS 6.5
CVE-2020-16027 [MEDIUM] chromium-browser: Insufficient policy enforcement in developer tools
chromium-browser: Insufficient policy enforcement in developer tools
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Incorrect security UI in WebUSB
vendor_redhat·2020-11-17·CVSS 4.3
CVE-2020-16033 [MEDIUM] chromium-browser: Incorrect security UI in WebUSB
chromium-browser: Incorrect security UI in WebUSB
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Heap buffer overflow in WebRTC
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16028 [HIGH] chromium-browser: Heap buffer overflow in WebRTC
chromium-browser: Heap buffer overflow in WebRTC
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Insufficient data validation in Blink
vendor_redhat·2020-11-17·CVSS 6.1
CVE-2020-16030 [MEDIUM] chromium-browser: Insufficient data validation in Blink
chromium-browser: Insufficient data validation in Blink
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Inappropriate implementation in filesystem
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16019 [HIGH] chromium-browser: Inappropriate implementation in filesystem
chromium-browser: Inappropriate implementation in filesystem
Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Use after free in PPAPI
vendor_redhat·2020-11-17·CVSS 9.6
CVE-2020-16014 [CRITICAL] chromium-browser: Use after free in PPAPI
chromium-browser: Use after free in PPAPI
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Use after free in WebCodecs
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16023 [HIGH] chromium-browser: Use after free in WebCodecs
chromium-browser: Use after free in WebCodecs
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Insufficient data validation in WASM
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16015 [HIGH] chromium-browser: Insufficient data validation in WASM
chromium-browser: Insufficient data validation in WASM
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Inappropriate implementation in WebRTC
vendor_redhat·2020-11-17·CVSS 4.3
CVE-2020-16034 [MEDIUM] chromium-browser: Inappropriate implementation in WebRTC
chromium-browser: Inappropriate implementation in WebRTC
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Heap buffer overflow in UI
vendor_redhat·2020-11-17·CVSS 9.6
CVE-2020-16024 [CRITICAL] chromium-browser: Heap buffer overflow in UI
chromium-browser: Heap buffer overflow in UI
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Use after free in WebRTC
vendor_redhat·2020-11-17·CVSS 8.8
CVE-2020-16026 [HIGH] chromium-browser: Use after free in WebRTC
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Heap buffer overflow in clipboard
vendor_redhat·2020-11-17·CVSS 9.6
CVE-2020-16025 [CRITICAL] chromium-browser: Heap buffer overflow in clipboard
chromium-browser: Heap buffer overflow in clipboard
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Inappropriate implementation in cookies
vendor_redhat·2020-11-17·CVSS 6.5
CVE-2020-16036 [MEDIUM] chromium-browser: Inappropriate implementation in cookies
chromium-browser: Inappropriate implementation in cookies
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
Red Hat
chromium-browser: Race in ImageBurner
vendor_redhat·2020-11-17·CVSS 7.5
CVE-2020-16021 [HIGH] chromium-browser: Race in ImageBurner
chromium-browser: Race in ImageBurner
Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to perform OS-level privilege escalation via a malicious file.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Will not fix
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/159589/QRadar-RemoteJavaScript-Deserialization.html
http://seclists.org/fulldisclosure/2020/Oct/18
https://exchange.xforce.ibmcloud.com/vulnerabilities/176140
https://www.ibm.com/support/pages/node/6344079
2020-10-08
Published