For those who are not aware of the vulnerability, it allows a remote attacker to execute arbitrary commands on the system.
The full details of the vulnerability are as follows:
- CVE: CVE-2020-4280
- CVSSv3 score: 8.8 High (NVD) and 6.6 Medium (IBM Corporation)
- CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD) and CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L (IBM Corporation)
- Affected product: IBM QRadar SIEM 7.3 and 7.4
How does it work?
The vulnerability can be exploited when an attacker creates a malicious serialized object, which might lead to several attacks such as the following:
- Denial Of Service
- Change of System Settings
- Execution of arbitrary code
The root cause is insecure deserialization: a Java deserialization function is fed user-supplied content. An attacker sends a malicious serialized Java object, and deserializing it can lead to the execution of an arbitrary command on the system.
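To make the mechanism concrete from the defender's side, the following added example (not from the original page or from IBM) flags user-supplied content that carries a serialized Java object, raw or base64-encoded, and lists class names outside an allow-list. The allow-list, the function names and the hand-built sample streams are assumptions made for the example, and the class-name scan is a heuristic rather than a full stream parser.

```python
import base64
import re
import struct

MAGIC = b"\xac\xed\x00\x05"   # STREAM_MAGIC (0xACED) + STREAM_VERSION (5)
TC_OBJECT, TC_CLASSDESC = 0x73, 0x72
# Assumption: the only types this (hypothetical) endpoint should ever receive.
ALLOWED = {"java.lang.Integer", "java.lang.Number", "java.lang.String"}
CLASS_NAME = re.compile(rb"\[*[A-Za-z_$][\w$.;]*")

def decode_candidates(blob: bytes):
    """Yield the raw bytes plus any base64 runs that start like a Java stream."""
    yield blob
    for m in re.finditer(rb"rO0AB[A-Za-z0-9+/]*={0,2}", blob):  # base64 of AC ED 00 05
        run = m.group()
        try:
            yield base64.b64decode(run[: len(run) // 4 * 4])
        except ValueError:
            continue

def class_names(stream: bytes):
    """Heuristic scan for TC_CLASSDESC records: 0x72, u2 length, class name, 8-byte UID."""
    names, i = [], stream.find(MAGIC)
    while i >= 0 and (i := stream.find(bytes([TC_CLASSDESC]), i + 1)) >= 0:
        if i + 3 > len(stream):
            break
        (n,) = struct.unpack_from(">H", stream, i + 1)
        name = stream[i + 3 : i + 3 + n]
        if 0 < n == len(name) and CLASS_NAME.fullmatch(name):
            names.append(name.decode())
            i += 2 + n + 8          # skip the name and serialVersionUID
    return names

def inspect(blob: bytes):
    """Return (looks_like_java_serialization, class names outside ALLOWED)."""
    found, unexpected = False, set()
    for cand in decode_candidates(blob):
        if MAGIC in cand:
            found = True
            unexpected.update(n for n in class_names(cand) if n not in ALLOWED)
    return found, sorted(unexpected)

def sample_stream(cls: str) -> bytes:
    """Constructed sample: a field-less object of class `cls`, built by hand (inert)."""
    name = cls.encode()
    return (MAGIC + bytes([TC_OBJECT, TC_CLASSDESC]) + struct.pack(">H", len(name))
            + name + b"\x00" * 8 + b"\x02\x00\x00\x78\x70")
```
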
The vulnerability URL is shown below: