Installing the interim fix for CVE-2013-2970

Fix readme


A vulnerability has been discovered with IBM QRadar SIEM software where an authenticated user can run particular operating system commands on the QRadar Console, which can provide a user limited remote shell access. To resolve this vulnerability, QRadar administrators must install a fix to your QRadar Console. This fix applies to QRadar SIEM Consoles, QRadar Log Manager Consoles or QRadar Network Anomaly Detection Consoles. For more information on this vulnerability, see the security bulletin at
This interim fix can be applied to QRadar 7.0.x and 7.1.x installations.


This interim fix must be installed to the Console in your QRadar deployment to address the vulnerability CVE-2013-2970.

Resolving the problem:
You can resolve this vulnerability by applying the vulnerability CVE-2013-2970 fix to your QRadar Console.


  1. Log in to IBM Support to download FixID
  2. Copy the fix to a directory on your QRadar Console.
  3. Using SSH, log in to your QRadar Console as the root user.
  4. Navigate to the directory containing the fix.
  5. Type the following command to extract the script file: gunzip
  6. Type the following command to apply the fix to your Console: sh
  7. Follow the on-screen instructions to complete the installation.

Related information


Cross reference information
Segment Product Component Platform Version Edition
Security IBM Security QRadar Log Manager
Security IBM Security QRadar Network Anomaly Detection

Rate this page:

(0 users)Average rating

Add comments

Document information

More support for:

IBM Security QRadar SIEM
Admin Console

Software version:

7.0, 7.1

Operating system(s):


Reference #:


Modified date:


Translate my page

Machine Translation

Content navigation