What is CVE-2020-4272?

CVE-2020-4272 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 5.5/10. Published 2020-04-15.

How severe is CVE-2020-4272?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Vulnerability in Ibm Qradar

CVE-2020-4272

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute a…

EPSS: 0.051 (90.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/C:L/UI:R/AV:N/AC:L/PR:L/I:L/A:L/S:U/RC:C/E:U/RL:O.

Affected products

Ibm Qradar — versions 7.3.0, 7.3.3.Patch2

References

www.ibm.com/support/pages/node/6189645 (x_refsource_CONFIRM)
ibm-qradar-cve20204272-file-upload (175898) (vdb-entry, x_refsource_XF)
20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application (mailing-list, x_refsource_FULLDISC)
packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-4272?: CVE-2020-4272 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 5.5/10. Published 2020-04-15.
How severe is CVE-2020-4272?: Medium severity. CVSS v3 base score is 5.5 out of 10.