IBM Security Bulletin: IBM QRadar SIEM has weak password requirements. (CVE-2016-9738)

The product does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

CVE(s): CVE-2016-9738

Affected product(s) and affected version(s):

· IBM QRadar SIEM 7.2.0 – 7.2.8 Patch 6

· IBM QRadar SIEM 7.3.0 – 7.3.0 Patch 1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2sMTWz0
X-Force Database: http://ift.tt/2s2tIva

The post IBM Security Bulletin: IBM QRadar SIEM has weak password requirements. (CVE-2016-9738) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2sMOTyh