Home Unlabelled IBM Security Bulletin: IBM QRadar SIEM is vulnerable to untrusted XML External Entity uploads. (CVE-2016-2868)

IBM Security Bulletin: IBM QRadar SIEM is vulnerable to untrusted XML External Entity uploads. (CVE-2016-2868)

By
Wednesday, June 22, 2016
Read
Add Comment

XML External Entity injection in the UI of QRadar allows someone with privileges to upload unvalidated XML.

CVE(s): CVE-2016-2868

Affected product(s) and affected version(s):

IBM QRadar SIEM 7.2.n

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/28MbfX5
X-Force Database: http://ift.tt/28PlFJl



from IBM Product Security Incident Response Team http://ift.tt/28Mbe5A
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us