CVE-2020-4979: 
IBM QRadar SIEM vulnerability analysis and mitigation

IBM QRadar SIEM versions 7.3 and 7.4 was found to contain a vulnerability related to insecure inter-deployment communication. The vulnerability, identified as CVE-2020-4979, was initially recorded on December 30, 2019, and affects QRadar versions 7.3.0 to 7.3.3 Patch 7 and 7.4.0 to 7.4.2 Patch 2 (IBM Security).

The vulnerability has been assigned a CVSS Base score of 7.5 with a vector of CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. This scoring indicates that the vulnerability requires adjacent network access and high attack complexity, with no privileges or user interaction required. The potential impact includes high severity ratings for confidentiality, integrity, and availability (IBM Security).

If successfully exploited, this vulnerability allows an attacker who can compromise or spoof traffic between hosts to execute arbitrary commands on the affected systems. This poses a significant risk to the security and integrity of the QRadar SIEM deployment (CVE Mitre).

IBM has released patches to address this vulnerability. The fix is available in QRadar/QRM/QVM/QRIF/QNI 7.3.3 Patch 8 and QRadar/QRM/QVM/QRIF/QNI 7.4.2 Patch 3. No workarounds or alternative mitigations are available, making it crucial for affected organizations to apply the provided patches (IBM Security).