Qradar Network Security@5.4.0 Security Vulnerabilities and Issues — Qradar Network Security@5.4.0 CVE List

Lucene search

IbmQradar Network Security5.4.0

5 matches found

CVE•added 2021/11/08 5:15 p.m.•42 views

CVE-2020-4160

IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-...

5.9CVSS5.4AI score0.00168EPSS

CVE•added 2021/11/08 5:15 p.m.•37 views

CVE-2020-4152

IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle techniques. IBM X-Force ID: 17467.

6.8CVSS5.5AI score0.00095EPSS

CVE•added 2021/11/08 5:15 p.m.•33 views

CVE-2020-4153

IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174269...

5.4CVSS5.2AI score0.00346EPSS

CVE•added 2022/07/12 7:15 p.m.•28 views

CVE-2020-4157

IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174337.

7.5CVSS7.4AI score0.00072EPSS

CVE•added 2022/07/12 7:15 p.m.•28 views

CVE-2020-4159

IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339.

7.5CVSS7AI score0.00209EPSS