Vulnerabilities > CVE-2020-4280 - Deserialization of Untrusted Data vulnerability in IBM Qradar Security Information and Event Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 176140.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 28 | |
OS | 1 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/159589/QRadar-RemoteJavaScript-Deserialization.html
- http://packetstormsecurity.com/files/159589/QRadar-RemoteJavaScript-Deserialization.html
- http://seclists.org/fulldisclosure/2020/Oct/18
- http://seclists.org/fulldisclosure/2020/Oct/18
- https://exchange.xforce.ibmcloud.com/vulnerabilities/176140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/176140
- https://www.ibm.com/support/pages/node/6344079
- https://www.ibm.com/support/pages/node/6344079