CVE-2014-4829 in QRadar Risk Managerinformazioni

Riassunto

di MITRE

Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

09/07/2014

Divulgazione

27/11/2014

Moderazione

accettato

Voce

VDB-73013

CPE

pronto

CWE

CWE-352 (confermato)

CVSS

6.3 (VulDB)

EPSS

0.00560

KEV

Attività

molto basso

Settore

Chemical, Government, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-4829
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-4829
CVE Details	https://www.cvedetails.com/cve/CVE-2014-4829/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!