{"containers": {"cna": {"affected": [{"product": "QRadar", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.3.0"}]}, {"product": "Qradar", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.3.3.Patch2"}]}], "datePublic": "2020-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 4.8, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/C:L/UI:R/AV:N/AC:L/PR:L/I:L/A:L/S:U/RC:C/E:U/RL:O", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Privileges", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-21T21:06:04", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/6189645"}, {"name": "ibm-qradar-cve20204272-file-upload (175898)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175898"}, {"name": "20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Apr/40"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-04-14T00:00:00", "ID": "CVE-2020-4272", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "QRadar", "version": {"version_data": [{"version_value": "7.3.0"}]}}, {"product_name": "Qradar", "version": {"version_data": [{"version_value": "7.3.3.Patch2"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898."}]}, "impact": {"cvssv3": {"BM": {"A": "L", "AC": "L", "AV": "N", "C": "L", "I": "L", "PR": "L", "S": "U", "UI": "R"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Privileges"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/6189645", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6189645 (Qradar)", "url": "https://www.ibm.com/support/pages/node/6189645"}, {"name": "ibm-qradar-cve20204272-file-upload (175898)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175898"}, {"name": "20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Apr/40"}, {"name": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:00:06.949Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/6189645"}, {"name": "ibm-qradar-cve20204272-file-upload (175898)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175898"}, {"name": "20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Apr/40"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2020-4272", "datePublished": "2020-04-15T15:13:56.922342Z", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2024-09-16T20:43:09.801Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "22384D51-798F-4006-B826-DD80A57E9A2E", "versionEndExcluding": "7.3.3", "versionStartIncluding": "7.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*", "matchCriteriaId": "7E4BDE03-4F44-4DC9-A8D2-FDF52FE79108", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p1:*:*:*:*:*:*", "matchCriteriaId": "91CD9DD8-E60C-4361-9912-6F01D03DB8C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p2:*:*:*:*:*:*", "matchCriteriaId": "A478B6C1-A1C0-4602-BD22-1A9FDEA01B98", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-ForceID: 175898."}, {"lang": "es", "value": "IBM QRadar versiones 7.3.0 hasta 7.3.3, Parche 2, podr\u00eda permitir a un atacante remoto incluir archivos arbitrarios. Un atacante remoto podr\u00eda enviar una petici\u00f3n especialmente dise\u00f1ada para especificar un archivo malicioso desde un sistema remoto, que podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el servidor vulnerable. IBM X-ForceID: 175898."}], "id": "CVE-2020-4272", "lastModified": "2022-04-18T15:15:29.717", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 2.1, "impactScore": 3.4, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-15T16:15:17.753", "references": [{"source": "psirt@us.ibm.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html"}, {"source": "psirt@us.ibm.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Apr/40"}, {"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175898"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6189645"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}