Skip to main content

Qradar Incident Forensics CVE-2018-1649

MEDIUM
Path Traversal (CWE-22)
2018-10-05 psirt@us.ibm.com
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Oct 05, 2018 - 13:29 nvd
MEDIUM 6.5

DescriptionNVD

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655.

AnalysisAI

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655. Affected products include: Ibm Qradar Incident Forensics.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

CVE-2016-9726 HIGH
8.8 Mar 07

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the syste

CVE-2016-9727 HIGH
8.5 Mar 07

IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. Rated high sever

CVE-2018-1648 HIGH
7.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt h

CVE-2018-1647 HIGH
7.5 Oct 05

IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which cou

CVE-2016-9723 MEDIUM
6.1 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely e

CVE-2018-1650 MEDIUM
5.5 Dec 05

IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication confi

CVE-2017-1133 MEDIUM
5.4 Mar 07

IBM QRadar 7.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely e

CVE-2018-1728 MEDIUM
5.4 Dec 05

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability

CVE-2016-9720 MEDIUM
5.3 Mar 07

IBM QRadar 7.2 discloses sensitive information to unauthorized users. Rated medium severity (CVSS 5.3), this vulnerabili

CVE-2016-9730 MEDIUM
4.3 Mar 07

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute m

CVE-2018-1568 LOW
3.3 Dec 05

IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. Rated

CVE-2025-36042 MEDIUM
5.4 Aug 22

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), thi

Share

CVE-2018-1649 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy