← voltar
CVE-2020-4271

CVE-2020-4271

CVSS 6.3 MEDIUMEPSS 1.7%
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.3EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
15 abr 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897.
CVSS:3.0/I:L/A:L/S:U/C:L/UI:N/AV:N/AC:L/PR:L/RC:C/RL:O/E:U
Produtos afetados
IBM · Qradar

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.htmlhttp://seclists.org/fulldisclosure/2020/Apr/39https://exchange.xforce.ibmcloud.com/vulnerabilities/175897https://www.ibm.com/support/pages/node/6189651