Vulnerabilities > CVE-2020-4272 - Deserialization of Untrusted Data vulnerability in IBM Qradar Security Information and Event Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 26 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/157337/qradar7316-lfiinstant.txt |
| id | PACKETSTORM:157337 |
| last seen | 2020-04-25 |
| published | 2020-04-21 |
| reporter | Yorick Koster |
| source | https://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html |
| title | QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation |
References
- http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html
- http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html
- http://seclists.org/fulldisclosure/2020/Apr/40
- http://seclists.org/fulldisclosure/2020/Apr/40
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175898
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175898
- https://www.ibm.com/support/pages/node/6189645
- https://www.ibm.com/support/pages/node/6189645