CVE-2016-9724

Summary

IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999537.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationQRadar SIEM7.1 MR1affected
IBM CorporationQRadar SIEM7.1affected
IBM CorporationQRadar SIEM7.0affected
IBM CorporationQRadar SIEM7.2affected
IBM CorporationQRadar SIEM7.1 MR2affected
IBM CorporationQRadar SIEM7affected
IBM CorporationQRadar SIEM7.2.3affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References