IBM Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

CVE(s): CVE-2017-16939, CVE-2018-1000199, CVE-2018-10675, CVE-2018-1068, CVE-2018-1087, CVE-2018-1091, CVE-2018-3620, CVE-2018-3646, CVE-2018-3665, CVE-2018-3693, CVE-2018-5390, CVE-2018-7566, CVE-2018-8897

Affected product(s) and affected version(s):

IBM QRadar SIEM 7.3.0 to 7.3.1 Patch 6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10742755
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135317
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142895
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140403
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142976
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140892
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148318
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148319
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144757
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146191
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147950
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141112
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142242

The post IBM Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2SqMGEr