CVE-2015-5044

The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets.

CVSS v2.0 3.3 LOW

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21969422	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.0:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.1:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:::::::*

History

No history.

Information

Published : 2015-11-08 22:59

Updated : 2024-02-04 18:53

NVD link : CVE-2015-5044

Mitre link : CVE-2015-5044

CVE.ORG link : CVE-2015-5044

JSON object : View

Products Affected

ibm

qradar_security_information_and_event_manager

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2015-5044", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-11-08T22:59:18.643", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969422", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets."}, {"lang": "es", "value": "El Flow Collector en IBM Security QRadar QFLOW 7.1.x en versiones anteriores a 7.1 MR2 Patch 11 IF3 y 7.2.x en versiones anteriores a 7.2.5 Patch 4 IF3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de paquetes no especificados."}], "lastModified": "2015-11-09T20:12:56.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB62532B-34BD-4493-A5CF-3397C53EC7DE"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7423F75-504A-4907-A384-FD26D1A19B50"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C137959-2279-4459-8A10-43AFE09E2641"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39D53329-E729-43C1-8C67-EFA4C3F7BFBC"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC4EDCA-DF37-4366-B944-F342FA55EEFD"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09D0DA15-7DC3-4B1E-9CD9-EFC7FE4C0FEA"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76CA942D-70AD-4E0D-A28E-443FB7140A54"}, {"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6BE1C0B-DCDE-40E9-80AE-F9117FA23F68"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}