← back
CVE-2020-4271

CVE-2020-4271

CVSS 6.3 MEDIUMEPSS 1.7%
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897.
CVSS:3.0/I:L/A:L/S:U/C:L/UI:N/AV:N/AC:L/PR:L/RC:C/RL:O/E:U
Affected products
IBM · Qradar

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.htmlhttp://seclists.org/fulldisclosure/2020/Apr/39https://exchange.xforce.ibmcloud.com/vulnerabilities/175897https://www.ibm.com/support/pages/node/6189651