Vulnerability Description
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Qradar Security Information And Event Manager | >= 7.3.0, < 7.3.3 |
| Linux | Linux Kernel | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/211037VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6574787PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/211037VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6574787PatchVendor Advisory
FAQ
What is CVE-2021-38939?
CVE-2021-38939 is a vulnerability with a CVSS score of 5.3 (MEDIUM). IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037.
How severe is CVE-2021-38939?
CVE-2021-38939 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-38939?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Qradar Security Information And Event Manager, Linux Linux Kernel.