CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2869

Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote authenticated users to inject arbitrary web script or HTML via crafted fields in a URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2016-2869

Ibm » Qradar Security Information And Event Manager » Version: 7.1.0

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0
Ibm » Qradar Security Information And Event Manager » Version: 7.2.0

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0
Ibm » Qradar Security Information And Event Manager » Version: 7.2.1

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1
Ibm » Qradar Security Information And Event Manager » Version: 7.2.2

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2
Ibm » Qradar Security Information And Event Manager » Version: 7.2.3

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3
Ibm » Qradar Security Information And Event Manager » Version: 7.2.4

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4
Ibm » Qradar Security Information And Event Manager » Version: 7.2.5

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5
Ibm » Qradar Security Information And Event Manager » Version: 7.2.6

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2869

Products

Pricing

Contact Us