CVE-2015-4956

HIGH

IBM Security QRadar SIEM 7.1.x - Authenticated OS Command Injection

Title source: llm
STIX 2.1

Description

The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21967649

Scores

CVSS v3 7.4
EPSS 0.0085
EPSS Percentile 53.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Details

CWE
CWE-78
Status published
Products (1)
ibm/qradar_security_information_and_event_manager 7.1.0
Published Feb 15, 2016
Tracked Since Feb 18, 2026