What is CVE-2020-4271?

CVE-2020-4271 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 6.3/10. Published 2020-04-15.

How severe is CVE-2020-4271?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Vulnerability in Ibm Qradar

CVE-2020-4271

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897.

EPSS: 0.006 (69.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.0/I:L/A:L/S:U/C:L/UI:N/AV:N/AC:L/PR:L/RC:C/RL:O/E:U.

Affected products

Ibm Qradar — versions 7.3.3.Patch2, 7.3.0

References

www.ibm.com/support/pages/node/6189651 (x_refsource_CONFIRM)
ibm-qradar-cve20204271-command-exec (175897) (vdb-entry, x_refsource_XF)
20200421 PHP object injection vulnerability in QRadar Forensics web application (mailing-list, x_refsource_FULLDISC)
packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Objec… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-4271?: CVE-2020-4271 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 6.3/10. Published 2020-04-15.
How severe is CVE-2020-4271?: Medium severity. CVSS v3 base score is 6.3 out of 10.