Skip to main content

Qradar Incident Forensics CVE-2016-9726

HIGH
Improper Input Validation (CWE-20)
2017-03-07 psirt@us.ibm.com
8.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 07, 2017 - 17:59 cve.org
HIGH 8.8

DescriptionCVE.org

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

AnalysisAI

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542. Affected products include: Ibm Qradar Incident Forensics, Ibm Qradar Security Information And Event Manager.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-9727 HIGH
8.5 Mar 07

IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. Rated high sever

CVE-2018-1648 HIGH
7.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt h

CVE-2018-1647 HIGH
7.5 Oct 05

IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which cou

CVE-2018-1649 MEDIUM
6.5 Oct 05

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. Rated med

CVE-2016-9723 MEDIUM
6.1 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely e

CVE-2018-1650 MEDIUM
5.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication confi

CVE-2017-1133 MEDIUM
5.4 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely e

CVE-2018-1728 MEDIUM
5.4 Dec 05

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability

CVE-2016-9720 MEDIUM
5.3 Mar 07

IBM QRadar 7.2 discloses sensitive information to unauthorized users. Rated medium severity (CVSS 5.3), this vulnerabili

CVE-2016-9730 MEDIUM
4.3 Mar 07

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute m

CVE-2018-1568 LOW
3.3 Dec 05

IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. Rated

CVE-2025-36042 MEDIUM
5.4 Aug 22

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), thi

Share

CVE-2016-9726 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy