Code injection

2020-04-1516:15:00

PRIOn knowledge base

www.prio-n.com

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.2%

JSON

IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-ForceID: 170965.

CPENameOperatorVersion
qradar_security_information_and_event_managerge7.3.0
qradar_security_information_and_event_managerlt7.3.3
qradar_security_information_and_event_managereq7.3.3
qradar_security_information_and_event_managereq7.3.3 p2
qradar_security_information_and_event_managereq7.3.3 p1

Name	Operator	Version
qradar_security_information_and_event_manager	ge	7.3.0
qradar_security_information_and_event_manager	lt	7.3.3
qradar_security_information_and_event_manager	eq	7.3.3
qradar_security_information_and_event_manager	eq	7.3.3 p2
qradar_security_information_and_event_manager	eq	7.3.3 p1