Clickjacking Vulnerability in IBM Security QRadar SIEM Product
CVE-2014-4828

Currently unrated

Key Information:

Vendor: IBM
Status: Qradar Security Information And Event Manager
Vendor: CVE Published:; 19 October 2014

What is CVE-2014-4828?

IBM Security QRadar SIEM is vulnerable to clickjacking attacks due to improper validation of crafted HTTP requests. Remote attackers can exploit this vulnerability to manipulate user interactions with the service without the user's consent, potentially leading to unauthorized actions within the application. Organizations using the affected versions are encouraged to apply available security patches and implement protective measures to safeguard their systems against such exploitation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21686478

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/95578

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2014
Vulnerability Reserved
Jul 9, 2014