3 matches found
CVE-2020-4160
IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM...
CVE-2020-4160
The CVE-2020-4160 entry applies to IBM QRadar Network Security versions 5.4.0 and 5.5.0, where the root cause is the failure to properly enable HTTP Strict Transport Security (HSTS). This misconfiguration can allow a remote attacker to obtain sensitive information via man-in-the-middle techniques...
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities (CVE-2020-4152, CVE-2020-4160, CVE-2020-4153)
Summary IBM QRadar Network Security has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4152 DESCRIPTION: IBM QRadar Network Security transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle...