CVE-2016-9738 : IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords

IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 119783.

Published 2017-06-27 16:29:00

Updated 2017-06-30 14:24:56

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2016-9738

IBM » Qradar Security Information And Event Manager » Version: 7.2.0
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.4
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.5
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.6
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.7
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.3.0
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P4
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.3.0 Update P1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.0:p1:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P6
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P5
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*
Matching versions
IBM » Qradar Security Information And Event Manager » Version: 7.2.8 Update P1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-9738

EPSS FAQ

0.30%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 51 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-9738

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2016-9738

CWE-254

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-9738

http://www.ibm.com/support/docview.wss?uid=swg22004926

IBM Security Bulletin: IBM QRadar SIEM has weak password requirements. (CVE-2016-9738)
Patch;Vendor Advisory
http://www.securityfocus.com/bid/99266

IBM QRadar SIEM CVE-2016-9738 Security Bypass Vulnerability
Third Party Advisory;VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/119783

IBM QRadar information disclosure CVE-2016-9738 Vulnerability Report
Vendor Advisory

Jump to

Vulnerability Details : CVE-2016-9738

Products affected by CVE-2016-9738

Exploit prediction scoring system (EPSS) score for CVE-2016-9738

CVSS scores for CVE-2016-9738

CWE ids for CVE-2016-9738

References for CVE-2016-9738