Description
IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999537.
Affected products
- IBM Corporation / QRadar SIEM7.1 MR1 – 7.1 MR1
- IBM Corporation / QRadar SIEM7.1 – 7.1
- IBM Corporation / QRadar SIEM7.0 – 7.0
- IBM Corporation / QRadar SIEM7.2 – 7.2
- IBM Corporation / QRadar SIEM7.1 MR2 – 7.1 MR2
- IBM Corporation / QRadar SIEM7 – 7
- IBM Corporation / QRadar SIEM7.2.3 – 7.2.3