fkie_cve-2018-1728
Vulnerability from fkie_nvd
Published
2018-12-05 17:29
Modified
2024-11-21 04:00
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147707.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/147707 | VDB Entry, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/docview.wss?uid=ibm10742723 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/147707 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/docview.wss?uid=ibm10742723 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | qradar_incident_forensics | * | |
| ibm | qradar_incident_forensics | * | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.2.8 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 | |
| ibm | qradar_incident_forensics | 7.3.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:*:*:*:*:*:*:*:*", matchCriteriaId: "21BD7B43-20E4-4BB0-8B6A-0279B2A8609A", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:*:*:*:*:*:*:*:*", matchCriteriaId: "4C0334B4-F2FF-4FF2-9332-99A784A1DECB", versionEndExcluding: "7.3.1", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "4DC5DF5D-8240-46E3-B6B1-53C6537FEA0D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "3B613958-19C3-47D4-9997-8C9D39A8D1D1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "5C297E30-FAFB-4432-9FA1-2A6A1B7BC4BB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "C9FB83F1-7F90-4308-BAF3-C8FEE34CE97E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1BFCD881-F682-49BA-822A-B2100B0545AB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "6E33BA32-7A94-4844-A1BA-E6E1F4BA693E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "7DD604D9-46CC-4A6F-ABE3-7461CB1C66B9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "F4FDCCEB-F357-4DB4-8BD8-57A658993A1C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "6D22B95D-B523-4065-B5EA-8BA8DD5AA854", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "E8ECD101-34AB-4E19-B436-A2991BBE687F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "2980D256-32C5-4F05-8FA4-B29AF42E31A8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "459B769B-8407-483B-8122-64E10DBC9CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "9FC4F686-B150-4647-8AE3-A85FCC64D773", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:-:*:*:*:*:*:*", matchCriteriaId: "686839F1-5170-412A-A35A-2C757ECE0836", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p1:*:*:*:*:*:*", matchCriteriaId: "29774363-82E3-47FB-A8C5-8636ADA784AC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p2:*:*:*:*:*:*", matchCriteriaId: "C09571F4-70DF-49D2-AED1-4AB4D7E7F193", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p3:*:*:*:*:*:*", matchCriteriaId: "05254BF1-A6D1-4BFA-B4E7-7B50FBC68192", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p4:*:*:*:*:*:*", matchCriteriaId: "2B428267-8C01-4A9E-A700-0182CA3A9FB9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p5:*:*:*:*:*:*", matchCriteriaId: "33547012-E214-46A5-8CFB-F8042620A00F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_incident_forensics:7.3.1:p6:*:*:*:*:*:*", matchCriteriaId: "809CD77D-AE15-4F1A-AE31-19A44233B434", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147707.", }, { lang: "es", value: "IBM QRadar SIEM 7.2 y 7.3 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podría dar lugar a una revelación de credenciales en una sesión de confianza. IBM X-Force ID: 147707.", }, ], id: "CVE-2018-1728", lastModified: "2024-11-21T04:00:15.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "psirt@us.ibm.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-05T17:29:00.553", references: [ { source: "psirt@us.ibm.com", tags: [ "VDB Entry", "Vendor Advisory", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/147707", }, { source: "psirt@us.ibm.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.ibm.com/support/docview.wss?uid=ibm10742723", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "VDB Entry", "Vendor Advisory", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/147707", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.ibm.com/support/docview.wss?uid=ibm10742723", }, ], sourceIdentifier: "psirt@us.ibm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.