IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.
http://www.securityfocus.com/bid/95001
http://www-01.ibm.com/support/docview.wss?uid=swg21987774
Source: Mitre, NVD
Published: 2016-11-30
Updated: 2026-05-06
Base Score: 8.5
Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C
Severity: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.01257