QRadar Community Edition 7.3.1.6 Path Traversal
Posted by deepcore on April 22, 2020 – 5:23 pm
QRadar Community Edition version 7.3.1.6 has a path traversal vulnerability in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate whether the user-supplied token is in the correct format. Using path traversal, it is possible for authenticated users to impersonate other users, and also to execute arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.
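
A defensive check for the missing validation described above, as an added example that is not QRadar's code and not part of the original advisory: it accepts only canonical UUID tokens and confirms the resolved path stays directly inside the session directory. The class name, the `SESSION_DIR` path and the one-file-per-token layout are assumptions made for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Optional;
import java.util.regex.Pattern;

public class SessionTokenCheck {
    // Canonical 8-4-4-4-12 hex form only. A strict pattern is used instead of
    // UUID.fromString, which is lenient about component length on some JDKs.
    private static final Pattern UUID_FORMAT = Pattern.compile(
        "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}");

    // Hypothetical session store (assumption, not QRadar's real location).
    private static final Path SESSION_DIR =
        Paths.get("/var/example/sessions").normalize();

    // Returns the session file path only when the token is a well-formed UUID
    // and the resolved path is a direct child of SESSION_DIR.
    static Optional<Path> resolveSessionFile(String token) {
        // Step 1: reject any token that is not exactly a UUID. matches()
        // requires the whole input to fit, so separators and dots never pass.
        if (token == null || !UUID_FORMAT.matcher(token).matches()) {
            return Optional.empty();
        }
        // Step 2 (defense in depth): normalize and check containment, so a
        // later change to the format check cannot reintroduce the traversal.
        Path candidate = SESSION_DIR.resolve(token).normalize();
        if (!SESSION_DIR.equals(candidate.getParent())) {
            return Optional.empty();
        }
        return Optional.of(candidate);
    }

    public static void main(String[] args) {
        // Constructed sample tokens, not taken from any real system.
        String[] samples = {
            "123e4567-e89b-12d3-a456-426614174000",
            "../other-directory/file",
            "123e4567-e89b-12d3-a456-426614174000/../x",
            ""
        };
        for (String token : samples) {
            String verdict = resolveSessionFile(token)
                .map(p -> "accepted -> " + p)
                .orElse("rejected");
            System.out.println("[" + token + "] " + verdict);
        }
    }
}
```

Rejected tokens should be treated as failed authentication and logged, since a malformed session token from an authenticated client is a useful detection signal.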