IBM QRadar 7.2 MR2 SQL Injection and SSH Handling Vulnerabilities (CVE-2014-4824/4826) Analysis

Critical Vulnerability Information Vulnerability Overview Product and Version: IBM QRadar 7.2 MR2 Vulnerability Types: - SQL Injection (CVE-2014-4824) - Incorrect Handling of SSH Connection (CVE-2014-4826) Vulnerability Details CVE-2014-4824 - SQL Injection Description: Remote attackers can send specially crafted SQL statements to perform unauthorized insert, update, delete, or query operations on the database. Impact: Requires authentication, but does not require local network access or technical expertise; impacts data integrity, confidentiality, and system availability. CVSS Score: 6.5 Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) CVE-2014-4826 - Incorrect Handling of SSH Connection Description: Remote attackers can capture network traffic to obtain plaintext credentials and other sensitive information. Impact: Does not require local network access or authentication; however, some technical knowledge is needed; only affects confidentiality of information. CVSS Score: 4.3 Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) Affected Products and Versions IBM QRadar 7.2 MR2 Remediation Software Version: IBM QRadar 7.2 MR3 - QRadar 7.2.3 Patch 1 Note: For the SSH vulnerability, refer to the IBM QRadar 7.2 MR3 Administration Guide to configure SSH keys. Workarounds and Mitigations None References and Additional Information Complete CVSS v2 Guide Online CVSS v2 Calculator IBM Security Engineering Network Portal IBM Product Security Incident Response Blog

Goal Reached Thanks to every supporter — we hit 100%!

IBM QRadar 7.2 MR2 SQL Injection and SSH Handling Vulnerabilities (CVE-2014-4824/4826) Analysis