4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.009 Low
EPSS
Percentile
82.0%
Previous releases of IBM QRadar Security Information and Event Manager, IBM QRadar Vulnerability Manager and IBM QRadar Risk Manager are affected by multiple vulnerabilities reported in the IBM SDK Java Technology Edition Version 6 and 7.
CVEID: CVE-2014-0453
DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/92490 for the current score
CVSS Environmental Score:*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4263
DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94606 for the current score
CVSS Environmental Score:*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4244
DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94605 for the current score
CVSS Environmental Score:*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
The recommended solution is to apply the fix for each named product as soon as practical. Please see below for information about the fixes available.
Product | Remediation/First Fix |
---|
IBM QRadar SIEM 7.2.3
IBM QRadar Vulnerability Manager 7.2.3
IBM QRadar Risk Manager 7.2.3
| IBM QRadar SIEM 7.2.4 Patch 1
IBM QRadar SIEM 7.1 MR2
IBM QRadar Risk Manager 7.1 MR2
| IBM QRadar SIEM 7.1 MR2 Patch 9
None
**