Cross site scripting

Cross-site scripting XSS vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2014-0837

The CVE-2014-0837 issue affects IBM QRadar SIEM (and related QRadar components) where the AutoUpdate process does not verify SSL certificates, allowing MITM attackers to spoof the update server and potentially tamper data. Affected products include QRadar SIEM 7.2 MR1 and earlier (QRM/QVM). The r...

CVE-2014-0837

The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...