High Severity

Security Bulletin: IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack (CVE-2020-4509)

Share this post:

IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data

Affected product(s) and affected version(s):

All SDEE protocol versions before 7.3.0-QRADAR-PROTOCOL-SDEE-7.3-20200429181957

All SDEE protocol versions before 7.4.0-QRADAR-PROTOCOL-SDEE-7.4-20200429181942

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6220154

More stories

Security Bulletin: IBM TNPM Wireline is vulnerable to Apache Commons Codec.

Nov 23, 2020 7:00 pm EST | High Severity

There is a vulnerability in Apache Commons Codec API that is used by IBM TNPM Wireline . This has been addressed. ...read more


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – IBM SDK, Java Technology Edition v8.0.6.11

Nov 23, 2020 7:00 pm EST | High Severity

There are multiple vulnerabilities associated with IBM jdk 8.0.6.11 as listed below: ...read more