CVE-2021-29779

Name of the Vulnerable Software and Affected Versions IBM QRadar SIEM versions 7.3 through 7.4

Description The issue is related to the server performing key exchange without entity authentication on inter-host communications, making it vulnerable to man-in-the-middle techniques. This could allow an attacker to obtain sensitive information. The vulnerability is associated with weaknesses in the authentication procedure, which can be exploited by a remote attacker to gain unauthorized access to protected information.

Recommendations For versions 7.3 and 7.4, consider implementing additional authentication measures to prevent man-in-the-middle attacks, such as enhancing entity authentication on inter-host communications. As a temporary workaround, restrict access to sensitive information until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.