← Back

CVE-2024-28786

nvd nist
Published: Jan 28, 2025Modified: Jul 25, 2025

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: psirt@us.ibm.com (Secondary)

Description

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

Affected (10)

Ibm
1 product
Qradar Security Information And Event Manager
Configuration A
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ibm
Qradar Security Information And Event Manager
Version 7.5.0
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_1
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_2
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_3
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_4
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_5
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_6
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_7
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_8
Qradar Security Information And Event Manager
Version 7.5.0 update_pack_9
Running on/withPlatform Versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (1)

Source: psirt@us.ibm.com
Vendor Advisory

Timeline

No history available yet.