5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
IBM QRadar / QRM / QVM / QRIF / QNI includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.
CVEID: CVE-2012-5784
**Description:**Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject’s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target.
**CVSS Base Score:**4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79829> for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**AV:N/AC:M/Au:N/C:N/I:P/A:N
For QRadar 7.2.8 Administrators
For users of IBM QRadar SIEM 7.2.8, administrators can mitigate this issue by completing an upgrade to QRadar / QRM / QVM / QRIF / QNI 7.3.2 GA where the vulnerable component has been removed from the product. Apache Axis is used for internal configuration services (IPC), and the deployment editor in 7.2.8. Using the Systems, and License Management icon in the administration panel rather than the Deployment Editor for deployment related changes would help mitigate the risk of CVE-2012-5784. For information on this upgrade path, see the QRadar Upgrade Guide.
For QRadar 7.3.0/7.3.1 Administrators
See the Remediation/Fixes section to get the upgrade to QRadar 7.3.2.
CPE | Name | Operator | Version |
---|---|---|---|
ibm security qradar siem | eq | 7.2.8 | |
ibm security qradar siem | eq | 7.3 |