CVE-2021-3918
PUBLISHED
CVSS 8.7 HIGH
Multiple vulnerabilities exist in IBM QRadar SIEM. They are located in various software components of QRadar. A remote, anonymous attacker can exploit these vulnerabilities to execute arbitrary code, disclose information, misrepresent information, cause a denial-of-service condition, bypass security measures, conduct a cross-site scripting attack, or cause unspecified effects.
EPSS 1.26% · 79.7th percentile
Risk Scores
CVSS v4.0
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
1.26%
79.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle PeopleSoft 8.58 | |
| Oracle | Oracle PeopleSoft 8.59 | |
| Atlassian | Atlassian Bitbucket <10.0.2 | |
| IBM | IBM Tivoli Netcool/OMNIbus | |
| IBM | IBM Spectrum Protect <10.1.14 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| HCL | HCL Domino | |
| IBM | IBM Spectrum Protect 8.1 | |
| Atlassian | Atlassian Bitbucket <9.4.13 (LTS) | |
| IBM | IBM Cognos Analytics <11.1.7 FP5 | |
| Red Hat | Red Hat Enterprise Linux | |
| Ubuntu | Ubuntu Linux | |
| HCL | HCL BigFix | |
| Open Source | Open Source Node.js | |
| Debian | Debian Linux | |
| Oracle | Oracle PeopleSoft 8.60 | |
| SUSE | SUSE Linux | |
| Atlassian | Atlassian Bitbucket <8.19.25 (LTS) | |
| Oracle | Oracle PeopleSoft 9.2 | |
| IBM | IBM Cognos Analytics <11.2.3 | |
…and 4 more
Timeline
- Oct 23, 2018 PoC Published
- Nov 13, 2021 CVE Published
- Nov 14, 2021 EPSS Score
- Jan 8, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 23, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
- Dec 7, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- May 22, 2023 EPSS Score
- Sep 10, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0103.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0103 advisory
- https://access.redhat.com/errata/RHSA-2022:0246 advisory
- https://access.redhat.com/errata/RHSA-2022:0350 advisory
- http://linux.oracle.com/errata/ELSA-2022-0350.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010279.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010304.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010307.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010306.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-March/010326.html advisory
- https://access.redhat.com/errata/RHSA-2022:0595 advisory
- https://access.redhat.com/errata/RHSA-2022:0735 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-March/010344.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-March/010355.html advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0096877 advisory
- https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011058.html advisory
- https://access.redhat.com/errata/RHSA-2022:4711 advisory
- https://access.redhat.com/errata/RHSA-2022:4814 advisory
- https://access.redhat.com/errata/RHSA-2022:4914 advisory
…and 35 more