CVE-2014-4832: Infoleak
First published: Fri Nov 28 2014(Updated: )
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Qradar Risk Manager | =7.1.0 | |
| Ibm Qradar Risk Manager | =7.2.0 | |
| Ibm Qradar Risk Manager | =7.2.1 | |
| Ibm Qradar Risk Manager | =7.2.2 | |
| Ibm Qradar Risk Manager | =7.2.3 | |
| Ibm Qradar Risk Manager | =7.2.4 | |
| Ibm Qradar Vulnerability Manager | =7.2.0 | |
| Ibm Qradar Vulnerability Manager | =7.2.1 | |
| Ibm Qradar Vulnerability Manager | =7.2.2 | |
| Ibm Qradar Vulnerability Manager | =7.2.3 | |
| Ibm Qradar Vulnerability Manager | =7.2.4 | |
| IBM QRadar Security Information and Event Manager | =7.1.0 | |
| IBM QRadar Security Information and Event Manager | =7.2.0 | |
| IBM QRadar Security Information and Event Manager | =7.2.1 | |
| IBM QRadar Security Information and Event Manager | =7.2.2 | |
| IBM QRadar Security Information and Event Manager | =7.2.3 | |
| IBM QRadar Security Information and Event Manager | =7.2.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm qradar risk manager
- version/ibm qradar risk manager/7.1.0
- version/ibm qradar risk manager/7.2.0
- version/ibm qradar risk manager/7.2.1
- version/ibm qradar risk manager/7.2.2
- version/ibm qradar risk manager/7.2.3
- version/ibm qradar risk manager/7.2.4
- canonical/ibm qradar vulnerability manager
- version/ibm qradar vulnerability manager/7.2.0
- version/ibm qradar vulnerability manager/7.2.1
- version/ibm qradar vulnerability manager/7.2.2
- version/ibm qradar vulnerability manager/7.2.3
- version/ibm qradar vulnerability manager/7.2.4
- canonical/ibm qradar security information and event manager
- version/ibm qradar security information and event manager/7.1.0
- version/ibm qradar security information and event manager/7.2.0
- version/ibm qradar security information and event manager/7.2.1
- version/ibm qradar security information and event manager/7.2.2
- version/ibm qradar security information and event manager/7.2.3
- version/ibm qradar security information and event manager/7.2.4