Lucene search

IbmCVE-2014-4831

HistoryNov 28, 2014 - 2:59 a.m.

CVE-2014-4831

2014-11-2802:59:02

CWE-287

ibm

web.nvd.nist.gov

ibm

security

qradar

siem

risk manager

cve-2014-4831

vulnerability

session hijacking

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.

Affected configurations

Nvd

Node

ibmqradar_risk_managerMatch7.1.0

ibmqradar_risk_managerMatch7.2.0

ibmqradar_risk_managerMatch7.2.1

ibmqradar_risk_managerMatch7.2.2

ibmqradar_risk_managerMatch7.2.3

ibmqradar_risk_managerMatch7.2.4

Node

ibmqradar_vulnerability_managerMatch7.2.0

ibmqradar_vulnerability_managerMatch7.2.1

ibmqradar_vulnerability_managerMatch7.2.2

ibmqradar_vulnerability_managerMatch7.2.3

ibmqradar_vulnerability_managerMatch7.2.4

VendorProductVersionCPE
ibmqradar_risk_manager7.1.0cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*
ibmqradar_risk_manager7.2.0cpe:2.3:a:ibm:qradar_risk_manager:7.2.0:*:*:*:*:*:*:*
ibmqradar_risk_manager7.2.1cpe:2.3:a:ibm:qradar_risk_manager:7.2.1:*:*:*:*:*:*:*
ibmqradar_risk_manager7.2.2cpe:2.3:a:ibm:qradar_risk_manager:7.2.2:*:*:*:*:*:*:*
ibmqradar_risk_manager7.2.3cpe:2.3:a:ibm:qradar_risk_manager:7.2.3:*:*:*:*:*:*:*
ibmqradar_risk_manager7.2.4cpe:2.3:a:ibm:qradar_risk_manager:7.2.4:*:*:*:*:*:*:*
ibmqradar_vulnerability_manager7.2.0cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*
ibmqradar_vulnerability_manager7.2.1cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*
ibmqradar_vulnerability_manager7.2.2cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*
ibmqradar_vulnerability_manager7.2.3cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	qradar_risk_manager	7.1.0	cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:::::::*
ibm	qradar_risk_manager	7.2.0	cpe:2.3:a:ibm:qradar_risk_manager:7.2.0:::::::*
ibm	qradar_risk_manager	7.2.1	cpe:2.3:a:ibm:qradar_risk_manager:7.2.1:::::::*
ibm	qradar_risk_manager	7.2.2	cpe:2.3:a:ibm:qradar_risk_manager:7.2.2:::::::*
ibm	qradar_risk_manager	7.2.3	cpe:2.3:a:ibm:qradar_risk_manager:7.2.3:::::::*
ibm	qradar_risk_manager	7.2.4	cpe:2.3:a:ibm:qradar_risk_manager:7.2.4:::::::*
ibm	qradar_vulnerability_manager	7.2.0	cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:::::::*
ibm	qradar_vulnerability_manager	7.2.1	cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:::::::*
ibm	qradar_vulnerability_manager	7.2.2	cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:::::::*
ibm	qradar_vulnerability_manager	7.2.3	cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:::::::*

Rows per page:

1-10 of 111

References

www-01.ibm.com/support/docview.wss?uid=swg21691211

exchange.xforce.ibmcloud.com/vulnerabilities/95581

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Related for CVE-2014-4831