PT-2014-6150 · Ibm · Ibm Security Qradar Vulnerability Manager+2
Publicado
2014-11-28
·
Atualizado
2017-08-29
·
CVE-2014-4832
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security QRadar SIEM and QRadar Risk Manager versions 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1
IBM Security QRadar SIEM and QRadar Risk Manager version 7.2 before 7.2.4 Patch 1
IBM Security QRadar Vulnerability Manager version 7.2 before 7.2.4 Patch 1
Description
The issue allows remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
Recommendations
For IBM Security QRadar SIEM and QRadar Risk Manager versions 7.1 before MR2 Patch 9, apply MR2 Patch 9 to resolve the issue.
For IBM Security QRadar SIEM and QRadar Risk Manager version 7.2 before 7.2.4 Patch 1, update to 7.2.4 Patch 1 to resolve the issue.
For IBM Security QRadar Vulnerability Manager version 7.2 before 7.2.4 Patch 1, update to 7.2.4 Patch 1 to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Security Qradar Risk Manager
Ibm Security Qradar Siem
Ibm Security Qradar Vulnerability Manager