CVE-2024-51462

Medium

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper…

ibm·CWE-471·Published 2025-01-17

CVSS

5.3

EPSS

0.00

KEV

Exploits

cve.orgen

181 chars

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data.

NVDen

181 chars

IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data.

NVDes

208 chars

IBM QRadar WinCollect Agent 10.0.0 a 10.1.12 podría permitir que un atacante remoto inyecte datos XML en valores de parámetros debido a una validación de entrada incorrecta de datos supuestamente inmutables.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	4.0	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N