CVE-2021-39088 - Vulnerability Details

Vendors	Products
Ibm	Qradar Security Information And Event Manager
Linux	Linux Kernel

Link	Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/216111
https://www.ibm.com/support/pages/node/6607129

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "QRadar SIEM", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "7.5"}]}], "datePublic": "2022-07-26T00:00:00", "descriptions": [{"lang": "en", "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 6.4, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/I:H/A:H/PR:N/C:H/AC:H/S:U/AV:L/UI:N/E:U/RL:O/RC:C", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Privileges", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-28T22:15:13", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/6607129"}, {"name": "ibm-qradar-cve202139088-priv-escalation (216111)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216111"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-07-26T00:00:00", "ID": "CVE-2021-39088", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "QRadar SIEM", "version": {"version_data": [{"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "7.5"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111."}]}, "impact": {"cvssv3": {"BM": {"A": "H", "AC": "H", "AV": "L", "C": "H", "I": "H", "PR": "N", "S": "U", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Privileges"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/6607129", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6607129 (QRadar SIEM)", "url": "https://www.ibm.com/support/pages/node/6607129"}, {"name": "ibm-qradar-cve202139088-priv-escalation (216111)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216111"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:58:17.738Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/6607129"}, {"name": "ibm-qradar-cve202139088-priv-escalation (216111)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216111"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2021-39088", "datePublished": "2022-07-28T22:15:13.524048Z", "dateReserved": "2021-08-16T00:00:00", "dateUpdated": "2024-09-16T19:30:48.153Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : QRadar SIEM (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.3 (string)

}

1 : { »

status : affected (string)

version : 7.4 (string)

}

2 : { »

status : affected (string)

version : 7.5 (string)

}

]

}

]

datePublic : 2022-07-26T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. (string)

}

]

metrics : [ »

0 : { »

cvssV3_0 : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.4 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

exploitCodeMaturity : UNPROVEN (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

remediationLevel : OFFICIAL_FIX (string)

reportConfidence : CONFIRMED (string)

scope : UNCHANGED (string)

temporalScore : 6.4 (number)

temporalSeverity : MEDIUM (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/I:H/A:H/PR:N/C:H/AC:H/S:U/AV:L/UI:N/E:U/RL:O/RC:C (string)

version : 3.0 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Gain Privileges (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-07-28T22:15:13 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://www.ibm.com/support/pages/node/6607129 (string)

}

1 : { »

name : ibm-qradar-cve202139088-priv-escalation (216111) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

DATE_PUBLIC : 2022-07-26T00:00:00 (string)

ID : CVE-2021-39088 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : QRadar SIEM (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.3 (string)

}

1 : { »

version_value : 7.4 (string)

}

2 : { »

version_value : 7.5 (string)

}

]

}

]

}

vendor_name : IBM (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. (string)

}

]

}

impact : { »

cvssv3 : { »

BM : { »

A : H (string)

AC : H (string)

AV : L (string)

C : H (string)

I : H (string)

PR : N (string)

S : U (string)

UI : N (string)

}

TM : { »

E : U (string)

RC : C (string)

RL : O (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Gain Privileges (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.ibm.com/support/pages/node/6607129 (string)

refsource : CONFIRM (string)

title : IBM Security Bulletin 6607129 (QRadar SIEM) (string)

url : https://www.ibm.com/support/pages/node/6607129 (string)

}

1 : { »

name : ibm-qradar-cve202139088-priv-escalation (216111) (string)

refsource : XF (string)

title : X-Force Vulnerability Report (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T01:58:17.738Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://www.ibm.com/support/pages/node/6607129 (string)

}

1 : { »

name : ibm-qradar-cve202139088-priv-escalation (216111) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2021-39088 (string)

datePublished : 2022-07-28T22:15:13.524048Z (string)

dateReserved : 2021-08-16T00:00:00 (string)

dateUpdated : 2024-09-16T19:30:48.153Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "22384D51-798F-4006-B826-DD80A57E9A2E", "versionEndExcluding": "7.3.3", "versionStartIncluding": "7.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A90B7A9-24AC-4890-87AE-BFC2FB674E5A", "versionEndExcluding": "7.4.3", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*", "matchCriteriaId": "7E4BDE03-4F44-4DC9-A8D2-FDF52FE79108", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_1:*:*:*:*:*:*", "matchCriteriaId": "2210BF7E-0A1E-4B5A-987B-5687495177F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_10:*:*:*:*:*:*", "matchCriteriaId": "71BA88C2-32A6-42EC-ADB8-27ADD4CDD438", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_11:*:*:*:*:*:*", "matchCriteriaId": "1A5F44A5-3863-4D1A-A764-D6A12C031229", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_2:*:*:*:*:*:*", "matchCriteriaId": "74657D19-83C7-4545-A9EA-A331AC3148A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_3:*:*:*:*:*:*", "matchCriteriaId": "894B299D-26EA-4AC1-AD96-EDA0D1201380", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_4:*:*:*:*:*:*", "matchCriteriaId": "EB125CAB-9CA3-4FAE-84AA-14014E3B1944", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_5:*:*:*:*:*:*", "matchCriteriaId": "BBEB9087-8F33-4C13-AC54-931FDF2F7BAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_6:*:*:*:*:*:*", "matchCriteriaId": "9D4FAEEB-6882-49C8-807B-4312DC701FA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_7:*:*:*:*:*:*", "matchCriteriaId": "CE9321D7-3E9E-4530-A234-861907D8FB00", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_8:*:*:*:*:*:*", "matchCriteriaId": "C975A151-190C-4FDA-8C9E-0731035048A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_9:*:*:*:*:*:*", "matchCriteriaId": "D1343415-3967-43A2-B9A0-A37175174FBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*", "matchCriteriaId": "55A7F7A4-2736-4CD0-AA68-8837FF8EF5FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:*", "matchCriteriaId": "0EE2F947-9BEB-4036-B0C9-8EB5C70D8168", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:*", "matchCriteriaId": "4E8EDDEC-B529-4647-B8BA-8F76757AEBD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:*", "matchCriteriaId": "8168C98E-B2D6-4525-BBCD-CADAFCDEB9BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:*", "matchCriteriaId": "CC0A36C1-D4C1-4EAE-91B2-72E0C5509ADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*", "matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*", "matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111."}, {"lang": "es", "value": "IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, es vulnerable a una escalada de privilegios local, si esto pudiera combinarse con otras vulnerabilidades desconocidas, podr\u00eda llevarse a cabo una escalada de privilegios. IBM X-Force ID: 216111"}], "id": "CVE-2021-39088", "lastModified": "2024-11-21T06:18:34.713", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-28T23:15:07.643", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216111"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6607129"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216111"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6607129"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 22384D51-798F-4006-B826-DD80A57E9A2E (string)

versionEndExcluding : 7.3.3 (string)

versionStartIncluding : 7.3.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7A90B7A9-24AC-4890-87AE-BFC2FB674E5A (string)

versionEndExcluding : 7.4.3 (string)

versionStartIncluding : 7.4.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:* (string)

matchCriteriaId : 7E4BDE03-4F44-4DC9-A8D2-FDF52FE79108 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_1:*:*:*:*:*:* (string)

matchCriteriaId : 2210BF7E-0A1E-4B5A-987B-5687495177F7 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_10:*:*:*:*:*:* (string)

matchCriteriaId : 71BA88C2-32A6-42EC-ADB8-27ADD4CDD438 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_11:*:*:*:*:*:* (string)

matchCriteriaId : 1A5F44A5-3863-4D1A-A764-D6A12C031229 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_2:*:*:*:*:*:* (string)

matchCriteriaId : 74657D19-83C7-4545-A9EA-A331AC3148A4 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_3:*:*:*:*:*:* (string)

matchCriteriaId : 894B299D-26EA-4AC1-AD96-EDA0D1201380 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_4:*:*:*:*:*:* (string)

matchCriteriaId : EB125CAB-9CA3-4FAE-84AA-14014E3B1944 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_5:*:*:*:*:*:* (string)

matchCriteriaId : BBEB9087-8F33-4C13-AC54-931FDF2F7BAC (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_6:*:*:*:*:*:* (string)

matchCriteriaId : 9D4FAEEB-6882-49C8-807B-4312DC701FA1 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_7:*:*:*:*:*:* (string)

matchCriteriaId : CE9321D7-3E9E-4530-A234-861907D8FB00 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_8:*:*:*:*:*:* (string)

matchCriteriaId : C975A151-190C-4FDA-8C9E-0731035048A6 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:fix_pack_9:*:*:*:*:*:* (string)

matchCriteriaId : D1343415-3967-43A2-B9A0-A37175174FBF (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:* (string)

matchCriteriaId : 55A7F7A4-2736-4CD0-AA68-8837FF8EF5FF (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_1:*:*:*:*:*:* (string)

matchCriteriaId : 0EE2F947-9BEB-4036-B0C9-8EB5C70D8168 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_2:*:*:*:*:*:* (string)

matchCriteriaId : 4E8EDDEC-B529-4647-B8BA-8F76757AEBD8 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_3:*:*:*:*:*:* (string)

matchCriteriaId : 8168C98E-B2D6-4525-BBCD-CADAFCDEB9BF (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:fix_pack_4:*:*:*:*:*:* (string)

matchCriteriaId : CC0A36C1-D4C1-4EAE-91B2-72E0C5509ADD (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* (string)

matchCriteriaId : DACA17CC-8B71-4E71-B075-BFFB65AD989C (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:* (string)

matchCriteriaId : BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 703AF700-7A70-47E2-BC3A-7FD03B3CA9C1 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. (string)

}

1 : { »

lang : es (string)

value : IBM QRadar SIEM versiones 7.3, 7.4 y 7.5, es vulnerable a una escalada de privilegios local, si esto pudiera combinarse con otras vulnerabilidades desconocidas, podría llevarse a cabo una escalada de privilegios. IBM X-Force ID: 216111 (string)

}

]

id : CVE-2021-39088 (string)

lastModified : 2024-11-21T06:18:34.713 (string)

metrics : { »

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.4 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 1.4 (number)

impactScore : 5.9 (number)

source : psirt@us.ibm.com (string)

type : Secondary (string)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-07-28T23:15:07.643 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/6607129 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/216111 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/6607129 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object