CVE-2018-1649

Published: Oct 5, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655.

Affected (7)

Products: Ibm: Qradar Incident Forensics

1 product

Qradar Incident Forensics

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Qradar Incident Forensics	Version 7.2.8 patch13
Ibm Qradar Incident Forensics	Version 7.2.8 patch1
Ibm Qradar Incident Forensics	Version 7.2.8 patch8
Ibm Qradar Incident Forensics	Version 7.3.1 patch3
Ibm Qradar Incident Forensics	Version 7.3.1 patch4

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Qradar Incident Forensics	From 7.2.0 to 7.2.8
Ibm Qradar Incident Forensics	From 7.3.0 to 7.3.1

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/144655

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=ibm10729703

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/144655

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=ibm10729703

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.