CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-38736

IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/262542
https://www.ibm.com/support/pages/node/7030703
https://exchange.xforce.ibmcloud.com/vulnerabilities/262542
https://www.ibm.com/support/pages/node/7030703

Products affected by CVE-2023-38736

Ibm » Qradar Wincollect » Version: 10.0

cpe:2.3:a:ibm:qradar_wincollect:10.0
Ibm » Qradar Wincollect » Version: 10.0.1

cpe:2.3:a:ibm:qradar_wincollect:10.0.1
Ibm » Qradar Wincollect » Version: 10.1.6

cpe:2.3:a:ibm:qradar_wincollect:10.1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38736

Products

Pricing

Contact Us