Full title: QRadar Community Edition 7.3.1.6 Default Credentials Vulnerability 
Category: web applications
Platform: php
QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.

# 0day.today @ http://0day.today/