CVE-2014-0838

The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
ibmqradar_security_information_and_event_manager
𝑥
≤ 7.2.0
𝑥
= Vulnerable software versions
References
http://osvdb.org/102553
http://www-01.ibm.com/support/docview.wss?uid=swg21663066
http://www.securityfocus.com/bid/65127
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681
http://osvdb.org/102553
http://www-01.ibm.com/support/docview.wss?uid=swg21663066
http://www.securityfocus.com/bid/65127
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681