What is CVE-2020-4280?

CVE-2020-4280 is a medium-severity vulnerability in Ibm Qradar Siem. CVSS score: 6.3/10. Published 2020-10-08.

How severe is CVE-2020-4280?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Is CVE-2020-4280 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Qradar Siem

CVE-2020-4280

IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java…

EPSS: 0.735 (99.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.0/AC:L/A:L/I:L/C:L/PR:L/UI:N/S:U/AV:N/E:U/RC:C/RL:O.

Affected products

Ibm Qradar Siem — versions 7.3.0, 7.3.3.Patch.4, 7.4.0

Public proof-of-concept exploits

References

www.ibm.com/support/pages/node/6344079 (x_refsource_CONFIRM)
ibm-qradar-cve20204280-code-exec (176140) (vdb-entry, x_refsource_XF)
20201016 Java deserialization vulnerability in QRadar RemoteJavaScript Servlet (mailing-list, x_refsource_FULLDISC)
packetstormsecurity.com/files/159589/QRadar-RemoteJavaScript-Deserialization.ht… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-4280?: CVE-2020-4280 is a medium-severity vulnerability in Ibm Qradar Siem. CVSS score: 6.3/10. Published 2020-10-08.
How severe is CVE-2020-4280?: Medium severity. CVSS v3 base score is 6.3 out of 10.
Is CVE-2020-4280 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.