CVE-2016-2876

Sažetak

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.

Reference

http://www.securityfocus.com/bid/95001
http://www-01.ibm.com/support/docview.wss?uid=swg21987774

CVSS

Base:	8.5
Impact:	10.0
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

23-12-2016 - 02:59

Objavljeno

30-11-2016 - 18:59