Cryptographic Vulnerability in IBM Qradar Advisor Product
CVE-2019-4557

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Qradar Advisor
Vendor: CVE Published:; 25 February 2020

Summary

IBM Qradar Advisor versions 1.1 through 2.5 with Watson have been found to utilize weaker cryptographic algorithms than anticipated. This significant flaw could potentially allow an unauthorized attacker to decrypt highly sensitive information, posing a risk to data confidentiality. Organizations utilizing these affected versions should consider immediate action to secure their systems against potential breaches that could exploit this vulnerability.

Affected Version(s)

Qradar Advisor 1.1

Qradar Advisor 2.5

References

https://www.ibm.com/support/pages/node/3379947

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/166206

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2020
Vulnerability Reserved
Jan 3, 2019