CVE-2021-37136
PUBLISHED
CVSS 8.7 HIGH
Multiple vulnerabilities exist in IBM QRadar SIEM. They reside in various software components of QRadar. A remote, anonymous attacker can exploit these vulnerabilities to execute arbitrary code, disclose information, misrepresent information, cause a denial-of-service condition, bypass security measures, carry out a cross-site scripting attack, or cause unspecified effects.
EPSS 1.19% · 79.2th percentile
Risk Scores
CVSS 4.0
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
1.19%
79.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Hitachi Ops Center | |
| Oracle | Oracle Fusion Middleware 14.1.1.0.0 | |
| IBM | IBM QRadar SIEM 7.5 | |
| Oracle | Oracle Fusion Middleware 8.5.6 | |
| Dell | Dell Data Protection Advisor <19.12 SP 1 | |
| Oracle | Oracle Fusion Middleware 12.2.1.4.0 | |
| Red Hat | Red Hat OpenShift Application Runtimes 1.0 | |
| Oracle | Oracle Fusion Middleware 12.2.1.3.0 | |
| Red Hat | Red Hat JBoss A-MQ Streams <2.4.0 | |
| Dell | Dell PowerEdge | |
| JFrog | JFrog Artifactory <7.46.3 | |
| Fedora | Fedora Linux | |
| Dell | Dell ECS <3.8.1.0 | |
| Red Hat | Red Hat Enterprise Linux | |
| SUSE | SUSE Linux | |
Exploit Intelligence
- druid-612f0710.json (github-poc)
- dependency-check-suppression.xml (github-poc)
…and 6 more exploits
Timeline
- CVE Published
- Oct 20, 2021 EPSS Score
- Dec 4, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 8, 2022 EPSS Score
- Feb 10, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 2, 2022 EPSS Score
- Jul 29, 2022 EPSS Score
- Nov 19, 2022 EPSS Score
- Jan 14, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0097.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0097 advisory
- https://access.redhat.com/errata/RHSA-2021:3959 advisory
- https://access.redhat.com/errata/RHSA-2021:4851 advisory
- https://access.redhat.com/errata/RHSA-2021:5128 advisory
- https://access.redhat.com/errata/RHSA-2021:5129 advisory
- https://access.redhat.com/errata/RHSA-2021:5127 advisory
- https://access.redhat.com/errata/RHSA-2022:0138 advisory
- https://access.redhat.com/errata/RHSA-2022:0520 advisory
- https://access.redhat.com/errata/RHSA-2022:0589 advisory
- https://access.redhat.com/errata/RHSA-2022:1013 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-April/010773.html advisory
- https://access.redhat.com/errata/RHSA-2022:2217 advisory
- https://access.redhat.com/errata/RHSA-2022:2216 advisory
- https://access.redhat.com/errata/RHSA-2022:2218 advisory
- https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-115/index.html advisory
- https://access.redhat.com/errata/RHSA-2022:4922 advisory
- https://access.redhat.com/errata/RHSA-2022:4918 advisory
- https://access.redhat.com/errata/RHSA-2022:4919 advisory
- https://access.redhat.com/errata/RHSA-2022:5903 advisory
…and 24 more