What is the severity of CVE-2017-1622?

CVE-2017-1622 is classified as a medium severity vulnerability that allows for man-in-the-middle attacks.

How do I fix CVE-2017-1622?

To remediate CVE-2017-1622, ensure that you update IBM QRadar SIEM to the latest version that contains the fix.

Which versions of IBM QRadar SIEM are affected by CVE-2017-1622?

CVE-2017-1622 affects IBM QRadar SIEM versions 7.2.8 and 7.3.0 to 7.3.1.

What kind of attack does CVE-2017-1622 allow?

CVE-2017-1622 allows attackers to perform man-in-the-middle attacks by spoofing trusted entities.

Is CVE-2017-1622 related to certificate validation?

Yes, CVE-2017-1622 is related to improper validation of certificates within IBM QRadar SIEM.

Vulnerability/
CVE-2017-1622

high

7.4

CWE

295

5/12/2018

17/9/2024

CVE-2017-1622

First published: Wed Dec 05 2018(Updated: )

IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-force ID: 133120.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security QRadar Incident Forensics	>=7.2.0<7.2.8
IBM Security QRadar Incident Forensics	>=7.3.0<7.3.1
IBM Security QRadar Incident Forensics	=7.2.8
IBM Security QRadar Incident Forensics	=7.2.8-p1
IBM Security QRadar Incident Forensics	=7.2.8-p10
IBM Security QRadar Incident Forensics	=7.2.8-p11
IBM Security QRadar Incident Forensics	=7.2.8-p12
IBM Security QRadar Incident Forensics	=7.2.8-p13
IBM Security QRadar Incident Forensics	=7.2.8-p3
IBM Security QRadar Incident Forensics	=7.2.8-p4
IBM Security QRadar Incident Forensics	=7.2.8-p5
IBM Security QRadar Incident Forensics	=7.2.8-p6
IBM Security QRadar Incident Forensics	=7.2.8-p7
IBM Security QRadar Incident Forensics	=7.2.8-p8
IBM Security QRadar Incident Forensics	=7.2.8-p9
IBM Security QRadar Incident Forensics	=7.3.1
IBM Security QRadar Incident Forensics	=7.3.1-p1
IBM Security QRadar Incident Forensics	=7.3.1-p2
IBM Security QRadar Incident Forensics	=7.3.1-p3
IBM Security QRadar Incident Forensics	=7.3.1-p4
IBM Security QRadar Incident Forensics	=7.3.1-p5
IBM Security QRadar Incident Forensics	=7.3.1-p6

Remedy

https://www.ibm.com/support/docview.wss?uid=ibm10742713

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1622?
CVE-2017-1622 is classified as a medium severity vulnerability that allows for man-in-the-middle attacks.
How do I fix CVE-2017-1622?
To remediate CVE-2017-1622, ensure that you update IBM QRadar SIEM to the latest version that contains the fix.
Which versions of IBM QRadar SIEM are affected by CVE-2017-1622?
CVE-2017-1622 affects IBM QRadar SIEM versions 7.2.8 and 7.3.0 to 7.3.1.
What kind of attack does CVE-2017-1622 allow?
CVE-2017-1622 allows attackers to perform man-in-the-middle attacks by spoofing trusted entities.
Is CVE-2017-1622 related to certificate validation?
Yes, CVE-2017-1622 is related to improper validation of certificates within IBM QRadar SIEM.

agent/references
agent/type
agent/softwarecombine
agent/remedy
agent/weakness
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm security qradar incident forensics
version/ibm security qradar incident forensics/7.2.0
version/ibm security qradar incident forensics/7.3.0
version/ibm security qradar incident forensics/7.2.8
version/ibm security qradar incident forensics/7.2.8-p1
version/ibm security qradar incident forensics/7.2.8-p10
version/ibm security qradar incident forensics/7.2.8-p11
version/ibm security qradar incident forensics/7.2.8-p12
version/ibm security qradar incident forensics/7.2.8-p13
version/ibm security qradar incident forensics/7.2.8-p3
version/ibm security qradar incident forensics/7.2.8-p4
version/ibm security qradar incident forensics/7.2.8-p5
version/ibm security qradar incident forensics/7.2.8-p6
version/ibm security qradar incident forensics/7.2.8-p7
version/ibm security qradar incident forensics/7.2.8-p8
version/ibm security qradar incident forensics/7.2.8-p9
version/ibm security qradar incident forensics/7.3.1
version/ibm security qradar incident forensics/7.3.1-p1
version/ibm security qradar incident forensics/7.3.1-p2
version/ibm security qradar incident forensics/7.3.1-p3
version/ibm security qradar incident forensics/7.3.1-p4
version/ibm security qradar incident forensics/7.3.1-p5
version/ibm security qradar incident forensics/7.3.1-p6