Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-4980

IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539.

Published

2021-07-16T17:15:12.027

Last Modified

2024-11-21T05:33:30.310

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

6.5

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-312
    CWE-319
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ibm qradar_security_information_and_event_manager < 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager < 7.4.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.3.3 Yes
Application ibm qradar_security_information_and_event_manager 7.4.3 Yes
Operating System linux linux_kernel - No
References