CNNVD-202506-2592 Information
CNNVD ID
CNNVD-202506-2592
Related CVE
- CNNVD Published: 2025-06-19
Description (Chinese)
IBM QRadar SIEM是美国国际商业机器(IBM)公司的一套利用安全智能保护资产和信息远离高级威胁的解决方案。该方案提供对整个IT架构范围进行监督、生成详细的数据访问和用户活动报告等功能。 IBM QRadar SIEM 7.5至7.5.0 Update Package 12版本存在代码问题漏洞,该漏洞源于处理XML数据时容易受到XML外部实体注入攻击。
Description (English)
IBM QRadar SIEM is a solution for the United States International Business Machine (IBM) to use security intelligence to protect assets and information from advanced threats. The programme provides functions such as monitoring the entire IT architecture, generating detailed data access and user activity reports. IBM QRadar SIEM 7.5 to 7.5.0 Update Package 12 has a code gap, which stems from the vulnerability of XML external entities to infusion when processing XML data.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
国际商业机器
Published
2025-06-19
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7237317 https://vigilance.fr/vulnerability/IBM-QRadar-SIEM-three-vulnerabilities-dated-19-06-2025-47486
Patch
https://www.ibm.com/support/pages/node/7237317
Share on: