Log Source Management App for IBM QRadar SIEM is vulnerable in many ways
Because multiple components are vulnerable, attackers can attack systems with Log Source Management App for IBM QRadar SIEM.
(Image: Alfa Photo/Shutterstock.com)
In the current version of the Log Source Management App for the IT security solution IBM QRadar SIEM, the developers have closed several vulnerabilities that could allow attackers to compromise systems.
Install the security update
In a warning message, the developers explain that they have closed several vulnerabilities in various components in the 7.0.11 release. All previous versions are said to be vulnerable. The majority of the vulnerabilities are classified as"high". Attackers can use them for DoS attacks (CVE-2024-45590), among other things. If this works, servers can crash.
However, this also includes a"critical" vulnerability with the highest rating (CVE-2024-47875 CVSS score 10 out of 10). If an attack is successful, malicious code can reach systems in the course of an mXSS attack.
Videos by heise
So far, there are no reports of attacks already in progress. However, admins should not wait too long to install the security update.
(des)
