March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2021-27737 – Apache Traffic Server denial of service
May 17, 2021
Rewterz Threat Advisory – CVE-2021-22908 – Pulse Connect Secure Buffer Overflow Vulnerability
May 17, 2021
Rewterz Threat Advisory – CVE-2021-27737 – Apache Traffic Server denial of service
May 17, 2021
Rewterz Threat Advisory – CVE-2021-22908 – Pulse Connect Secure Buffer Overflow Vulnerability
May 17, 2021
Severity
Medium
Analysis Summary
CVE-2021-20391
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system.
CVE-2021-20429
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due to an overly permissive cross-domain policy.
CVE-2021-20393
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
Impact
Obtain Information
Affected Vendors
IBM
Affected Products
- IBM QRadar SIEM 1.0.0
- IBM QRadar SIEM 4.1.1
Remediation
Refer to IBM Security Bulletin 6453103 for patch, upgrade or suggested workaround information