← back
CVE-2018-1612

CVE-2018-1612

CVSS 5.8 MEDIUMEPSS 57.0%
In short

IBM QRadar Incident Forensics in versions 7.2 and 7.3 has a flaw that allows someone to skip the login process and access sensitive information without proper credentials.

Technical detail

A remote authentication bypass vulnerability exists in IBM QRadar Incident Forensics 7.2 and 7.3, enabling unauthenticated access to sensitive data. The attack vector is network-based with no user interaction required, and successful exploitation results in unauthorized information disclosure.

Summary generated and translated by AI from the official description.
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.
CVSS:3.0/A:N/AC:L/AV:N/C:L/I:N/PR:N/S:C/UI:N/E:U/RC:C/RL:O
Affected products
IBM · QRadar SIEM
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45005/unverifiedexploitdbwww.exploit-db.com/exploits/45005unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/144164https://www.exploit-db.com/exploits/45005/http://www-01.ibm.com/support/docview.wss?uid=swg22017062