VDB
CVE-2019-4470
CVE-2019-4470
PUBLISHED
CVSS 5.400000095367432 MEDIUM
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163779.
EPSS 0.24% · 47.2th percentile
Risk Scores
CVSS 3.0
5.400000095367432
CVSS:3.0/C:L/A:N/AC:L/AV:N/S:C/I:L/PR:L/UI:R/RC:C/RL:O/E:H
EPSS Score
0.24%
47.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | qradar_security_information_and_event_manager | 7.3.0, 7.3.2, 7.3.2 |
| IBM | QRadar | 7.3.2Patch4, 7.3.0 |
Exploit Intelligence
- shoucheng3/x-stream__xstream_CVE-2013-7285_1-4-6 (github-poc)
- shoucheng3/x-stream__xstream_CVE-2013-7285_1-4-6 (github-poc)
- shoucheng3/x-stream__xstream_CVE-2013-7285_1-4-6 (github-poc)
- shoucheng3/x-stream__xstream_CVE-2013-7285_1-4-6 (github-poc)
- https://www.ibm.com/support/pages/node/1103517 (circl)
- ibm-qradar-cve20194470-xss (163779) (circl)
Timeline
- Nov 9, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11004&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10997&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11002&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10994&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11003&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10998&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11010&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11013&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11009&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11016&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10999&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11014&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11006&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11008&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11005&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11001&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10996&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11007&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11000&cat=SIRT_1&actp=LIST advisory
- https://www.ibm.com/support/pages/node/1103517 url
…and 2 more