VDB
CVE-2021-37701
CVE-2021-37701
PUBLISHED
CVSS 8.699999809265137 HIGH
In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
EPSS 0.10% · 27.0th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.10%
27.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM InfoSphere Information Server | |
| IBM | IBM QRadar SIEM 7.5 | |
| IBM | IBM QRadar SIEM | |
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Oracle | Oracle Linux | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| IBM | IBM Tivoli Netcool/OMNIbus 8.1.0 | |
| Juniper | Juniper JUNOS | |
| Red Hat | Red Hat Enterprise Linux |
Exploit Intelligence
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- nids_rules.yar (github-yara)
- Spring4Shell.yara (github-yara)
…and 44 more exploits
Timeline
- Aug 31, 2021 CVE Published
- Sep 1, 2021 EPSS Score
- Oct 29, 2021 EPSS Score
- Dec 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 22, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 7, 2022 PoC Published
- Apr 21, 2022 EPSS Score
- Jun 18, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
- Dec 10, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0092.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0092 advisory
- https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/ advisory
- https://access.redhat.com/errata/RHSA-2021:3638 advisory
- https://access.redhat.com/errata/RHSA-2021:3639 advisory
- https://access.redhat.com/errata/RHSA-2021:3623 advisory
- http://linux.oracle.com/errata/ELSA-2021-3623.html advisory
- https://access.redhat.com/errata/RHSA-2021:3666 advisory
- http://linux.oracle.com/errata/ELSA-2021-3666.html advisory
- https://access.redhat.com/errata/RHSA-2021:4618 advisory
- https://www.debian.org/security/2021/dsa-5008 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-December/009816.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-December/009853.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-December/009869.html advisory
- https://access.redhat.com/errata/RHSA-2021:5086 advisory
- https://access.redhat.com/errata/RHSA-2022:0041 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/010017.html advisory
- https://access.redhat.com/errata/RHSA-2022:0246 advisory
- https://access.redhat.com/errata/RHSA-2022:4914 advisory
- https://access.redhat.com/errata/RHSA-2022:0350 advisory
…and 32 more