Lucene search

IbmCVE-2014-0837

HistoryJan 30, 2014 - 5:17 a.m.

CVE-2014-0837

2014-01-3005:17:46

CWE-310

ibm

web.nvd.nist.gov

ibm

security

qradar

siem

7.2 mr1

autoupdate

ssl

server

spoofing

certificate

x.509

man-in-the-middle

attack

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

39.5%

JSON

The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Affected configurations

Nvd

Node

ibmqradar_security_information_and_event_managerRange≤7.2.0

VendorProductVersionCPE
ibmqradar_security_information_and_event_manager*cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	qradar_security_information_and_event_manager	*	cpe:2.3:a:ibm:qradar_security_information_and_event_manager::::::::

References

osvdb.org/102552

seclists.org/fulldisclosure/2014/Jan/166

secunia.com/advisories/56653

www-01.ibm.com/support/docview.wss?uid=swg21663066

www.securityfocus.com/bid/65127

exchange.xforce.ibmcloud.com/vulnerabilities/90680

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

39.5%

JSON

Related for CVE-2014-0837