2 matches found
Security Bulletin: IBM QRadar SIEM Performs Key Exchange Without Entity Authentication on Inter-Host Communications (CVE-2021-29779)
Summary IBM QRadar SIEM Performs Key Exchange Without Entity Authentication on Inter-Host Communications Vulnerability Details CVEID: CVE-2021-29779 DESCRIPTION: IBM QRadar could allow an attacker to obtain sensitive information due to the server performing key exchange without entity...
CVE-2021-29779
IBM QRadar SIEM vulnerability CVE-2021-29779 affects QRadar 7.3.0–7.3.3 FP9 and 7.4.0–7.4.3 FP2. The issue: inter-host key exchange occurs without entity authentication, enabling information disclosure via MITM. Remediation is provided as fixes: 7.3.3 FP10 and 7.4.3 FP4 (with 7.4.3 FP3 note for C...