CVE-2014-4832

IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
ibmqradar_risk_manager
7.1.0
ibmqradar_risk_manager
7.2.0
ibmqradar_risk_manager
7.2.1
ibmqradar_risk_manager
7.2.2
ibmqradar_risk_manager
7.2.3
ibmqradar_risk_manager
7.2.4
ibmqradar_vulnerability_manager
7.2.0
ibmqradar_vulnerability_manager
7.2.1
ibmqradar_vulnerability_manager
7.2.2
ibmqradar_vulnerability_manager
7.2.3
ibmqradar_vulnerability_manager
7.2.4
ibmqradar_security_information_and_event_manager
7.1.0
ibmqradar_security_information_and_event_manager
7.2.0
ibmqradar_security_information_and_event_manager
7.2.1
ibmqradar_security_information_and_event_manager
7.2.2
ibmqradar_security_information_and_event_manager
7.2.3
ibmqradar_security_information_and_event_manager
7.2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21691211
https://exchange.xforce.ibmcloud.com/vulnerabilities/95582
http://www-01.ibm.com/support/docview.wss?uid=swg21691211
https://exchange.xforce.ibmcloud.com/vulnerabilities/95582