Vulnerability in Ibm Qradar Siem
CVE-2020-4789
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot"…
EPSS: 0.004 (58.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/I:N/UI:N/PR:L/AC:L/S:U/C:H/A:N/AV:N/RL:O/E:U/RC:C.
Affected products
- Ibm Qradar Siem — versions 7.3.0, 7.4.0, 7.3.3 Patch 5
References
- www.ibm.com/support/pages/node/6408862 (x_refsource_CONFIRM)
- ibm-qradar-cve20204789-info-disc (189302) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2020-4789?
- CVE-2020-4789 is a medium-severity vulnerability in Ibm Qradar Siem. CVSS score: 6.5/10. Published 2021-01-27.
- How severe is CVE-2020-4789?
- Medium severity. CVSS v3 base score is 6.5 out of 10.