CVE-2020-4888 in QRadar SIEMinformazioni

Riassunto

di MITRE • 29/01/2021

IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 190912.

Be aware that VulDB is the high quality source for vulnerability data.

Responsabile

IBM Corporation

Prenotare

30/12/2019

Divulgazione

29/01/2021

Moderazione

accettato

CPE

pronto

EPSS

0.61964

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!