Vulnerabilities > IBM > Qradar Security Information AND Event Manager > 7.2.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-07 | CVE-2016-9727 | Improper Input Validation vulnerability in IBM products IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.5 |
2017-03-07 | CVE-2016-9726 | Improper Input Validation vulnerability in IBM products IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 9.0 |
2017-03-07 | CVE-2016-9725 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. | 5.0 |
2017-03-07 | CVE-2016-9724 | XXE vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 7.5 |
2017-03-07 | CVE-2016-9723 | Cross-site Scripting vulnerability in IBM products IBM QRadar 7.2 is vulnerable to cross-site scripting. | 4.3 |
2017-03-07 | CVE-2016-9720 | Information Exposure vulnerability in IBM products IBM QRadar 7.2 discloses sensitive information to unauthorized users. | 5.0 |