First published: Tue Aug 11 2020(Updated: )
IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks. IBM X-Force ID: 181860.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM QRadar Security Information and Event Manager | >=7.2.0<=7.2.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-4485 is a vulnerability in IBM QRadar 7.2.0 through 7.2.9 that allows an authenticated user to disable the Wincollect service.
CVE-2020-4485 affects IBM QRadar 7.2.0 through 7.2.9 by allowing an authenticated user to disable the Wincollect service.
The severity of CVE-2020-4485 is medium with a CVSS score of 6.5.
An attacker can exploit CVE-2020-4485 by using the vulnerability to disable the Wincollect service, which could aid in bypassing security mechanisms for future attacks.
Yes, IBM has released a fix for CVE-2020-4485. Please refer to the IBM support page for more information.