Vulnerability Details : CVE-2019-4672
IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438.
Products affected by CVE-2019-4672
- cpe:2.3:a:ibm:qradar_advisor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-4672
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 20 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-4672
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
|
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
IBM Corporation | |
|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NIST |
References for CVE-2019-4672
-
https://www.ibm.com/support/pages/node/3379965
Security Bulletin: IBM QRadar Advisor With Watson App for IBM QRadar SIEM is vulnerable to information exposure (CVE-2019-4672)Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/171438
IBM QRadar Advisor information disclosure CVE-2019-4672 Vulnerability ReportVDB Entry;Vendor Advisory
Jump to