CVE-2016-2876

high

Description

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.

References

http://www.securityfocus.com/bid/95001

http://www-01.ibm.com/support/docview.wss?uid=swg21987774

Details

Source: Mitre, NVD

Published: 2016-11-30

Updated: 2026-05-06

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.01257