CVE-2020-4789 is a vulnerability in IBM Qradar Security Information Event Manager
Published on January 27, 2021
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 189302.
Products Associated with CVE-2020-4789
Want to know whenever a new CVE is published for IBM Qradar Security Information Event Manager? stack.watch will email you.
Affected Versions
IBM QRadar SIEM:- Version 7.3.0 is affected.
- Version 7.4.0 is affected.
- Version 7.3.3 Patch 5 is affected.
- Version 7.4.1 Patch 1 is affected.
- Version 7.4.2.GA is affected.
- Version 7.4.2 Patch 1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.