2 matches found
CVE-2019-4654
IBM QRadar SIEM is affected by CVE-2019-4654 in versions 7.3.0 through 7.3.3 Patch 2, where certificate validation is missing or incorrect, enabling MITM-based spoofing of a trusted entity. The primary affected component is QRadar’s TLS certificate validation mechanism, leading to potential infor...
Security Bulletin: IBM QRadar SIEM is vulnerable to invalid certificate validation (CVE-2019-4654)
Summary IBM QRadar SIEM does not validate, or incorrectly validates, a certificate. Vulnerability Details CVEID: CVE-2019-4654 DESCRIPTION: IBM QRadar does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle MI...