Vulnerabilities > IBM > Qradar Incident Forensics > 7.2.7

DATE CVE VULNERABILITY TITLE RISK
2017-03-07 CVE-2016-9730 Cross-Site Request Forgery (CSRF) vulnerability in IBM products
IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
4.3
4.3
2017-03-07 CVE-2016-9727 Improper Input Validation vulnerability in IBM products
IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
ibm CWE-20
8.5
8.5
2017-03-07 CVE-2016-9726 Improper Input Validation vulnerability in IBM products
IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
low complexity
ibm CWE-20
critical
 9.0
9.0
2017-03-07 CVE-2016-9723 Cross-site Scripting vulnerability in IBM products
IBM QRadar 7.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2017-03-07 CVE-2016-9720 Information Exposure vulnerability in IBM products
IBM QRadar 7.2 discloses sensitive information to unauthorized users.
network
low complexity
ibm CWE-200
5.0
5.0