Man-in-the-Middle Vulnerability in IBM Security QRadar SIEM
CVE-2014-4825

Currently unrated

Key Information:

Vendor: IBM
Status: Qradar Security Information And Event Manager
Vendor: CVE Published:; 19 October 2014

Summary

IBM Security QRadar SIEM versions 7.1 MR1 and 7.2 MR2 exhibit a vulnerability that undermines the implementation of secure connections. This flaw allows malicious actors to perform man-in-the-middle attacks, thereby enabling the interception of sensitive data, including cleartext credentials. The exact vectors through which this vulnerability can be exploited remain unspecified, raising concerns about the security of data in transit within affected installations.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95575

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21686478

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 19, 2014
Vulnerability Reserved
Jul 9, 2014