Critical Severity

Security Bulletin: IBM QRadar SIEM is affected by a remote code execution in Spring Framework (CVE-2022-22963, CVE-2022-22965, CVE-2022-22950)

Share this post:

IBM QRadar SIEM is affected but not vulnerable to a remote code execution in Spring Framework (CVE-2022-22965) as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR (in contrast to a Spring Boot executable jar), 4. Spring-webmvc or spring-webflux dependency, 5. Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions. QVM utilizes the Spring Framework to support our Java backed user interface.. The fix includes Spring 5.3.18.

CVE(s): CVE-2022-22963, CVE-2022-22965, CVE-2022-22950

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
QRadar / QRM / QVM / QRIF / QNI v7.3 7.3.0 – 7.3.3 Fix Pack 11
QRadar / QRM / QVM / QRIF / QNI v7.4 7.4.0 – 7.4.3 Fix Pack 5
QRadar / QRM / QVM / QRIF / QNI v7.5 7.5.0 – 7.5.0 Update Package 1

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6598419
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/223020
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/223103
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/223096

More stories

Security Bulletin: Multiple Vulnerabilities in jackson-databind shipped with IBM Cloud Pak System

August 12, 2022 | Critical Severity

Vulnerabilities identified in jackson-databind shipped with IBM Cloud Pak System. IBM Clous Pak System addresssed vulnerabilities. ...read more


Security Bulletin: Vulnerability in Apache Log4j affects IBM InfoSphere Master Data Management (CVE-2021-44228 )

August 12, 2022 | Critical Severity

There is a vulnerability in the Apache Log4j open source library used by IBM InfoSphere Master Data Management v11.6 and v12.0. ...read more


Security Bulletin: IBM Security Identity Manager Virtual Appliance is vulnerable to arbitrary code execution due to Apache Log4j and other issues (CVE-2021-4104, CVE-2021-45046, CVE-2021-38951)

August 12, 2022 | Critical Severity

IBM Security Identity Manager Virtual Appliance (ISIM VA) is vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4101 and CVE-2021-45046. Apache Log4j is used by ISIM VA as part of its logging infrastructure. This fix upgrades to Apache Log4j v2.17.1. IBM Security Identity Manager Virtual Appliance (ISIM VA) has also upgraded the other vulnerable components listed below. ...read more