CVE-2020-4151: 
IBM QRadar SIEM vulnerability analysis and mitigation

IBM QRadar SIEM was found to be vulnerable to improper input validation, identified as CVE-2020-4151. The vulnerability was discovered in IBM QRadar versions 7.3.0 to 7.3.3 Patch 2, and was disclosed on April 14, 2020. This security flaw could allow an authenticated attacker to perform unauthorized actions in the system (IBM Security Bulletin).

The vulnerability has a CVSS Base score of 6.5 with a vector of CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N. This indicates that the vulnerability requires network access and low privileges to exploit, requires no user interaction, and can result in high impact to integrity while not affecting confidentiality or availability (IBM Security Bulletin).

If exploited, this vulnerability allows an authenticated attacker to perform unauthorized actions within the IBM QRadar SIEM system due to improper input validation. The impact primarily affects system integrity, with no direct impact on confidentiality or availability (IBM Security Bulletin).

IBM has released several fixes for this vulnerability including QRadar/QRM/QVM/QNI 7.4.0 FP1 (SFS), QRadar/QRM/QVM/QRIF/QNI 7.3.3 Patch 3 (SFS), and QRadar/QRM/QVM/QRIF/QNI 7.3.2 Patch 7(SFS). For QRadar Incident Forensics, both ISO and SFS files are available for version 7.4.0 FP1. No workarounds are available, making patch installation the only mitigation option (IBM Security Bulletin).