ByteOS Network

NVD Vulnerability Details :

CVE-2014-0838

Deferred

Source-psirt@us.ibm.com

Published At-30 Jan, 2014 | 05:17

Updated At-11 Apr, 2025 | 00:51

The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

IBM Corporation

>>qradar_security_information_and_event_manager>>Versions up to 7.2.0(inclusive)

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://osvdb.org/102553	psirt@us.ibm.com	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21663066	psirt@us.ibm.com	Vendor Advisory
http://www.securityfocus.com/bid/65127	psirt@us.ibm.com	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681	psirt@us.ibm.com	N/A
http://osvdb.org/102553	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21663066	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securityfocus.com/bid/65127	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/90681	af854a3a-2127-422b-91ae-364da2661108	N/A