CVE-2016-2868
Published on: 07/02/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:15 PM UTC
Certain versions of Qradar Security Information And Event Manager from Ibm contain the following vulnerability:
IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
- CVE-2016-2868 has been assigned by
[email protected] to track the vulnerability - currently rated as LOW severity.
CVSS3 Score: 2.7 - LOW
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
|---|---|---|---|---|
| NETWORK | LOW | HIGH | NONE | |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
| UNCHANGED | LOW | NONE | NONE |
CVSS2 Score: 4 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| NETWORK | LOW | SINGLE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | NONE | NONE |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Security Bulletin: IBM QRadar SIEM is vulnerable to untrusted XML External Entity uploads. (CVE-2016-2868) | Patch Vendor Advisory www-01.ibm.com text/html |
CONFIRM www-01.ibm.com/support/docview.wss?uid=swg21985774 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Qradar Security Information And Event Manager | All | All | All | All |
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE