Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

IBM Fixes Vulnerability in QRadar SIEM Discovered by Positive Technologies

  • The vulnerability could be used to execute attacks on internal corporate networks

The Server-Side Request Forgery (SSRF) vulnerability identified in IBM QRadar SIEM by Positive Technologies expert Mikhail Klyuchnikov has an average severity level (CVSS 5.4). The IBM QRadar SIEM event monitoring and correlation system is one of the world’s leading SIEM systems.

The error is known as CVE-2020-4786. By exploiting it, attackers can send requests on behalf of the system, obtain information about the network infrastructure, and thus facilitate further attacks.

Recommended AI News: DISQO and Research Results Forge New Managed Services Partnership

Related Posts
1 of 40,643

Mikhail Klyuchnikov at Positive Technologies explains: “Using this vulnerability, authorized attackers can send requests for certain protocols on behalf of the server to both the internal and external networks. When sending requests to the internal network, they can learn more about this network by obtaining information about network hosts and their open ports. In addition, in some cases, attackers can exploit known vulnerabilities in software located on the internal network, which would allow them to develop the attack.”

Recommended AI News: SymphonyAI Names Charles Zedlewski Operating Partner as Demand for Enterprise AI Accelerates

The issue affects IBM QRadar SIEM versions 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5. To fix the vulnerability, update the product to the latest versions in accordance with the manufacturer’s recommendations.

Recommended AI News: Infosys Announces Canadian Expansion to Calgary, Doubling Canadian Workforce to 4,000 by 2023

2 Comments
  1. Iron and steel recycling says

    Scrap metal restoration Ferrous material storage Iron waste reclaiming

    Ferrous material incident reporting, Scrap iron reuse, Scrap metal trade associations

  2. Scrap copper waste disposal Copper scrap disposal Scrap metal recycling facility
    Copper cable scrap recycling services, Metal reprocessing facility, Copper scrap material analysis

Leave A Reply

Your email address will not be published.