IBM Support

IV89516: SAVED SEARCHES ATTEMPTING TO USE CVE-ID NUMBER DATA IN REFERENCE SETS DO NOT WORK AS EXPECTED

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When searching on the Manage Vulnerabilities screen, when using
    the "Vulnerability Reference" filter with a QRadar Reference
    Set that contains CVE IDs, the set of vulnerabilities returned
    may be incomplete.
    
    This issue can occur if the follow QRadar DB tables become out
    of sync:
    reference_data
    reference_data_key
    
    
    
    The "Vulnerability Reference" filter is used with QRadar
    reference sets containing CVE IDs following these steps:
    
    1)On Vulnerabilites tab, Manage Vulnerabilities screen and
    Search -> Edit Search or New Search.
    
    2) In the Search Parameters section select "Vulnerability
    Reference", "CVE ID", "In" then choose a QRadar Reference Set
    that contains CVE IDs and click Add Filter.
    
    3) Add any other desired filters.
    
    4) Click Search.
    
    When this issue occurs an incomplete set of vulnerabilities is
    displayed.
    

Local fix

  • No workaround available.
    

Problem summary

  • This issue was resolved with QRadar/QRM/QVM/QRIF 7.2.7 Patch 4
    

Problem conclusion

  • This issue was resolved with QRadar/QRM/QVM/QRIF 7.2.7 Patch 4
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV89516

  • Reported component name

    QR VULNERABILIT

  • Reported component ID

    5725QVMSW

  • Reported release

    727

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-09-28

  • Closed date

    2016-10-25

  • Last modified date

    2016-10-25

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QR VULNERABILIT

  • Fixed component ID

    5725QVMSW

Applicable component levels

  • R727 PSY

       UP

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSHLPS","label":"IBM Security QRadar Vulnerability Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"727","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
25 October 2016