Vulnerability Details CVE-2015-1997
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.2%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2015-1997
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.0
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.1
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.2
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.3
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.4
-
cpe:2.3:a:ibm:security_qradar_incident_forensics:7.2.5