IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 289858.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/289858 | VDB Entry |
https://www.ibm.com/support/pages/node/7160961 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Aug 2024, 22:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_2:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_6:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_5:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_3:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_7:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_1:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_network_packet_capture:7.5.0:update_package_4:*:*:*:*:*:* |
|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/289858 - VDB Entry | |
References | () https://www.ibm.com/support/pages/node/7160961 - Vendor Advisory | |
First Time |
Ibm
Ibm qradar Network Packet Capture |
|
Summary |
|
15 Aug 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-15 17:15
Updated : 2024-08-28 22:08
NVD link : CVE-2024-31905
Mitre link : CVE-2024-31905
CVE.ORG link : CVE-2024-31905
JSON object : View
Products Affected
ibm
- qradar_network_packet_capture
CWE
CWE-311
Missing Encryption of Sensitive Data