IBM Security Bulletin: IBM QRadar SIEM and Incident Forensics are vulnerable to a path traversal attack. (CVE-2016-2872)
Vulnerabilities found in both QRadar SIEM and Incident Forensics allow for path traversal via improperly handled parameters.
CVE(s): CVE-2016-2872
Affected product(s) and affected version(s):
· IBM QRadar SIEM 7.2.n
· IBM QRadar Incident Forensics 7.2.n
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/28Mbf9F
X-Force Database: http://ift.tt/28PltKe
from IBM Product Security Incident Response Team http://ift.tt/28MbjGs