CVE-2014-0838

critical

Description

The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90681

http://www.securityfocus.com/bid/65127

http://www-01.ibm.com/support/docview.wss?uid=swg21663066

http://osvdb.org/102553

Details

Source: Mitre, NVD

Published: 2014-01-30

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00706