Communication Data Exposure in IBM QRadar Network Security
CVE-2020-4152

6.8MEDIUM

Key Information:

Vendor
IBM
Status
Qradar Network Security
Vendor
CVE Published:
8 November 2021

Summary

The IBM QRadar Network Security versions 5.4.0 and 5.5.0 are susceptible to a vulnerability that allows the transmission of sensitive security data in plaintext. This exposes the system to potential interception via man-in-the-middle attacks, enabling unauthorized entities to access critical information during communication. It is essential for organizations using affected versions to implement measures to secure data transmission and ensure that sensitive communications are properly encrypted.

Affected Version(s)

QRadar Network Security 5.4.0

QRadar Network Security 5.5.0

References

https://www.ibm.com/support/pages/node/6514403
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/174267
vdb-entryx_refsource_XF

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.