CVE-2020-4272

HIGH

IBM Qradar Security Information And Event Manager - Path Traversal

Title source: rule

Description

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898.

References (4)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Apr/40

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/175898

[Vendor Advisory] https://www.ibm.com/support/pages/node/6189645

Scores

CVSS v3 8.8

EPSS 0.0511

EPSS Percentile 89.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-22 CWE-502

Status published

Affected Products (4)

ibm/qradar_security_information_and_event_manager < 7.3.3

ibm/qradar_security_information_and_event_manager

ibm/qradar_security_information_and_event_manager

ibm/qradar_security_information_and_event_manager

Timeline

Published Apr 15, 2020

Tracked Since Feb 18, 2026