VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 17, 2025· Updated Feb 12, 2025

IBM QRadar WinCollect Agent data manipulation

CVE-2024-51462

Description

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data.

Affected products

2
  • IBM/QRadar WinCollect Agentcpe-rescue2 versions
    cpe:2.3:a:ibm:qradar_wincollect:10.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:qradar_wincollect:10.0:*:*:*:*:*:*:*range: 10.0.0
    • (no CPE)range: >=10.0.0 <=10.1.12

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.