All the vulnerabilites related to ibm - security_qradar_incident_forensics
cve-2015-1993
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21968270 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1993",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1919
Vulnerability from cvelistv5
Published
2015-06-30 15:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75209 | vdb-entry, x_refsource_BID | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21960011 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75209",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75209"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "75209",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75209"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75209"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1919",
"datePublished": "2015-06-30T15:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1996
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21970139 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1996",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1997
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21970140 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1997",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1989
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21970116 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:42.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1989",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:42.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1994
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21968271 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:42.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1994",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:42.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2968
Vulnerability from cvelistv5
Published
2016-07-02 14:00
Modified
2024-08-05 23:40
Severity ?
EPSS score ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21985773 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-02T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2968",
"datePublished": "2016-07-02T14:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1999
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21968269 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1999",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1995
Vulnerability from cvelistv5
Published
2015-11-08 22:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21968326 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-08T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1995",
"datePublished": "2015-11-08T22:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2872
Vulnerability from cvelistv5
Published
2016-07-02 14:00
Modified
2024-08-05 23:40
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21985775 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:13.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-02T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2872",
"datePublished": "2016-07-02T14:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:13.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1989",
"lastModified": "2024-11-21T02:26:31.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-08T22:59:00.103",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970116"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session."
},
{
"lang": "es",
"value": "IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 no establece el indicador seguro para cookies no especificadas en una sesi\u00f3n https, lo cual hace que sea m\u00e1s f\u00e1cil para atacantes remotos capturar estas cookies interceptando su transmisi\u00f3n dentro de una sesi\u00f3n http."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/614.html\"\u003eCWE-614: Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute\u003c/a\u003e",
"id": "CVE-2015-1993",
"lastModified": "2024-11-21T02:26:31.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-08T22:59:02.557",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968270"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation."
},
{
"lang": "es",
"value": "IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 no previene el almacenamiento en cach\u00e9 de respuestas HTTPS, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible de cach\u00e9 local aprovechando una estaci\u00f3n de trabajo desatendida."
}
],
"id": "CVE-2015-1996",
"lastModified": "2024-11-21T02:26:32.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-08T22:59:05.607",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970139"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-30 15:59
Modified
2024-11-21 02:26
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED8614B-2CF7-4284-AB0B-FA8022EAEC23",
"versionEndIncluding": "7.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en IBM Security QRadar Incident Forensics anterior a 7.2.5 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2015-1919",
"lastModified": "2024-11-21T02:26:24.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-30T15:59:00.107",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/75209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75209"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2015-1995",
"lastModified": "2024-11-21T02:26:32.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-11-08T22:59:04.667",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968326"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-02 14:59
Modified
2024-11-21 02:49
Severity ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 | |
| ibm | security_qradar_incident_forensics | 7.2.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DC08AB05-8A1F-4690-A991-03B3C420333F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors."
},
{
"lang": "es",
"value": "IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.7 permite a atacantes remotos eludir la autentificaci\u00f3n y obtener informaci\u00f3n sensible o modificar datos, a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-2968",
"lastModified": "2024-11-21T02:49:06.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-02T14:59:18.400",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985773"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-02 14:59
Modified
2024-11-21 02:48
Severity ?
Summary
Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C137959-2279-4459-8A10-43AFE09E2641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39D53329-E729-43C1-8C67-EFA4C3F7BFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC4EDCA-DF37-4366-B944-F342FA55EEFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "09D0DA15-7DC3-4B1E-9CD9-EFC7FE4C0FEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "76CA942D-70AD-4E0D-A28E-443FB7140A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BE1C0B-DCDE-40E9-80AE-F9117FA23F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8844C7-52E1-45A0-AC51-B6F6F14DE38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DC08AB05-8A1F-4690-A991-03B3C420333F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en IBM Security QRadar SIEM 7.2.x en versiones anteriores a 7.2.7 y QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.7 permite leer a atacantes remotos archivos arbitrarios a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2016-2872",
"lastModified": "2024-11-21T02:48:59.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-02T14:59:14.197",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985775"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history."
},
{
"lang": "es",
"value": "IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 pone IDs de sesi\u00f3n en URLs https, lo cual permite a atacantes remotos obtener informaci\u00f3n sensible mediante la lectura de (1) registros de acceso de servidor web, (2) registros Referer de servidor web o (3) el historial del navegador."
}
],
"id": "CVE-2015-1999",
"lastModified": "2024-11-21T02:26:32.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-08T22:59:07.950",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968269"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
},
{
"lang": "es",
"value": "IBM Security QRadar Incident Forensics 7.2.x en versiones anteriores a 7.2.5 Patch 5 no incluye el indicador HTTPOnly en una cabecera Set-Cookie para la cookie de sesi\u00f3n, lo cual hace que sea m\u00e1s f\u00e1cil para atacantes remotos obtener informaci\u00f3n potencialmente sensible a trav\u00e9s de una secuencia de comandos de acceso a esta cookie."
}
],
"id": "CVE-2015-1994",
"lastModified": "2024-11-21T02:26:32.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-08T22:59:03.653",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968271"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-08 22:59
Modified
2024-11-21 02:26
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_qradar_incident_forensics | 7.2.0 | |
| ibm | security_qradar_incident_forensics | 7.2.1 | |
| ibm | security_qradar_incident_forensics | 7.2.2 | |
| ibm | security_qradar_incident_forensics | 7.2.3 | |
| ibm | security_qradar_incident_forensics | 7.2.4 | |
| ibm | security_qradar_incident_forensics | 7.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02706E6-8774-4AC8-B14C-9C671AD2AEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE66EF55-6E6D-4A48-BB35-073E492EE667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E974127A-CD24-49F9-BAE8-E158C73E5E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD31091-B460-4CDD-9060-ADC475102F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "199B0E14-8151-44FF-BB68-5C3F2CEA2D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "460908EA-F6BA-4B87-89C3-F5D554D63A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."
},
{
"lang": "es",
"value": "Vulnerabilidad CSRF en IBM Security QRadar Vulnerability Manager 7.2.x en versiones anteriores a 7.2.5 Patch 5 permite a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios arbitrarios en peticiones que insertan secuencias XSS."
}
],
"id": "CVE-2015-1997",
"lastModified": "2024-11-21T02:26:32.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-11-08T22:59:06.700",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970140"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}