VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 27, 2014· Updated May 6, 2026

CVE-2014-3062

CVE-2014-3062

Description

Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IBM QRadar SIEM 7.1 MR2 and 7.2 MR2 contain a remote code execution vulnerability allowing unauthenticated attackers to gain root access.

Vulnerability

IBM Security QRadar SIEM versions 7.1 MR2 and 7.2 MR2 contain an unspecified remote code execution vulnerability. The attack does not require authentication or local network access, but moderately specialized knowledge and techniques are needed. The vulnerability allows an attacker to execute arbitrary code with root privileges [1].

Exploitation

An attacker with high knowledge of the system and product operation can exploit this vulnerability remotely without authentication. The attack complexity is medium, meaning that specific conditions or techniques are required. No user interaction is needed [1].

Impact

Successful exploitation results in complete compromise of confidentiality, integrity, and availability of the affected system. The attacker gains root-level access, allowing full control over the QRadar appliance [1].

Mitigation

IBM has released fixes: for QRadar SIEM 7.2 MR2, upgrade to version 7.2 MR3; for QRadar SIEM 7.1 MR2, apply Patch 8 (scheduled for release on October 6, 2014) [1].

References
  1. Security Bulletin: Unspecified weaknesses in the QRadar appliance 7.1 MR2 and 7.2 MR2 could allow an external attacker to obtain root access to the system. (CVE-2014-3062)

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • IBM/Qradar Security Information And Event Manager2 versions
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*
  • IBM/Security QRadar SIEMllm-fuzzy
    Range: 7.1 MR2, 7.2 MR2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.