IBM Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to security constraint bypass. (CVE-2018-1304, CVE-2018-1305)

Related Vulnerabilities: CVE-2018-1305   CVE-2018-1304  

Public disclosed vulnerability from Apache Tomcat

Share this post:

Public disclosed vulnerability from Apache Tomcat

CVE(s): CVE-2018-1305, CVE-2018-1304

Affected product(s) and affected version(s):

QRadar / QRM / QVM / QRIF / QNI 7.3.0 to 7.3.1 Patch 4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10719117
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139475
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139476