Описание
IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate. IBM X-Force ID: 160072.
Ссылки
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.1.2 (включая) до 7.2.8 (исключая)
Одно из
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
5.9 Medium
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate. IBM X-Force ID: 160072.
EPSS
Процентиль: 31%
0.00117
Низкий
5.9 Medium
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295