CVE-2014-0838

EUVD-2014-0868
The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
ibmqradar_security_information_and_event_manager
𝑥
≤ 7.2.0
𝑥
= Vulnerable software versions
References
http://osvdb.org/102553
http://www-01.ibm.com/support/docview.wss?uid=swg21663066
http://www.securityfocus.com/bid/65127
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681
http://osvdb.org/102553
http://www-01.ibm.com/support/docview.wss?uid=swg21663066
http://www.securityfocus.com/bid/65127
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681