PT-2024-5818 · Ibm · Ibm Qradar Network Packet Capture
Published
2024-07-23
·
Updated
2024-08-28
·
CVE-2024-31905
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM QRadar Network Packet Capture version 7.5
Description
The issue is related to the failure to properly enable HTTP Strict Transport Security, which could allow a remote attacker to obtain sensitive information using man-in-the-middle techniques. This could lead to the exposure of protected information.
Recommendations
For IBM QRadar Network Packet Capture version 7.5, enable HTTP Strict Transport Security to prevent exploitation. As a temporary workaround, consider implementing additional security measures to detect and prevent man-in-the-middle attacks until the issue is fully resolved. Restrict access to sensitive information and monitor network traffic for suspicious activity.
Fix
Missing Encryption of Sensitive Data
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Qradar Network Packet Capture