What is CVE-2020-4274?

CVE-2020-4274 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 5.4/10. Published 2020-04-15.

How severe is CVE-2020-4274?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Vulnerability in Ibm Qradar

CVE-2020-4274

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks. IBM X-ForceID: 175980.

EPSS: 0.003 (50.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.0/PR:L/AC:L/UI:N/AV:N/C:L/I:L/S:U/A:N/E:U/RL:O/RC:C.

Affected products

Ibm Qradar — versions 7.3.0, 7.3.3.Patch2

References

www.ibm.com/support/pages/node/6189705 (x_refsource_CONFIRM)
ibm-qradar-cve20204274-auth-bypass (175980) (vdb-entry, x_refsource_XF)
20200421 Authorization bypass in QRadar Forensics web application (mailing-list, x_refsource_FULLDISC)
packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authoriza… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-4274?: CVE-2020-4274 is a medium-severity vulnerability in Ibm Qradar. CVSS score: 5.4/10. Published 2020-04-15.
How severe is CVE-2020-4274?: Medium severity. CVSS v3 base score is 5.4 out of 10.