Sensitive parameters were passed in the request query to QRadar Incident Forensics
VULNERABILITY DETAILS
CVE-ID:CVE-2015-1999
Description: IBM QRadar could allow an attacker to obtain sensitive information such as sessionIDs through a query of an SSL request parameter. A remote attacker could obtain this information through man in the middle techniques.
**CVSS Base Score:**4.3 **CVSS Temporal Score: **See https://exchange.xforce.ibmcloud.com/vulnerabilities/103910 for the current score **CVSS Environmental Score:***Undefined **CVSS Vector:**AV:N/AC:M/Au:N/C:P/I:N/A:N
ยท IBM QRadar Incident Forensics 7.2.n
ยท IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 5
None