← Back

CVE-2017-1622

nvd nist
Published: Dec 5, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.4
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.2 / Impact: 5.2
Source: NVD

Description

IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-force ID: 133120.

Affected (22)

Ibm
1 product
Qradar Incident Forensics
Configuration A
22 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Qradar Incident Forensics
From 7.2.0 to 7.2.8
Qradar Incident Forensics
From 7.3.0 to 7.3.1
Qradar Incident Forensics
Version 7.2.8
Qradar Incident Forensics
Version 7.2.8 p10
Qradar Incident Forensics
Version 7.2.8 p11
Qradar Incident Forensics
Version 7.2.8 p12
Qradar Incident Forensics
Version 7.2.8 p13
Qradar Incident Forensics
Version 7.2.8 p1
Qradar Incident Forensics
Version 7.2.8 p3
Qradar Incident Forensics
Version 7.2.8 p4
Qradar Incident Forensics
Version 7.2.8 p5
Qradar Incident Forensics
Version 7.2.8 p6
Qradar Incident Forensics
Version 7.2.8 p7
Qradar Incident Forensics
Version 7.2.8 p8
Qradar Incident Forensics
Version 7.2.8 p9
Qradar Incident Forensics
Version 7.3.1
Qradar Incident Forensics
Version 7.3.1 p1
Qradar Incident Forensics
Version 7.3.1 p2
Qradar Incident Forensics
Version 7.3.1 p3
Qradar Incident Forensics
Version 7.3.1 p4
Qradar Incident Forensics
Version 7.3.1 p5
Qradar Incident Forensics
Version 7.3.1 p6

Related CWEs

CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.