CVE-2014-4831Improper Authentication in IBM Qradar Risk Manager

CWE-287Improper Authentication3 documents3 sources
Severity
5.8MEDIUMNVD
EPSS
0.2%
top 57.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Qradar Risk ManagerIBM Qradar Vulnerability Manager
Timeline
PublishedNov 28
Latest updateMay 17

Description

IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages2 packages

NVDibm/qradar_risk_manager6 versions+5

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-59r9-3g5v-j3xj: IBM Security QRadar SIEM and QRadar Risk Manager 72022-05-17
CVEList
CVE-2014-4831: IBM Security QRadar SIEM and QRadar Risk Manager 72014-11-28
CVE-2014-4831 — Improper Authentication in IBM | cvebase