CVE-2019-4576
First published: Mon Jun 08 2020(Updated: )
IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166803.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar Network Packet Capture | >=7.3.0<7.3.2 | |
| IBM QRadar Network Packet Capture | =7.3.2 | |
| IBM QRadar Network Packet Capture | =7.3.2-patch_1 | |
| IBM QRadar Network Packet Capture | =7.3.2-patch_2 | |
| IBM QRadar Network Packet Capture | =7.3.2-patch_3 | |
| IBM QRadar Network Packet Capture | =7.3.2-patch_4 | |
| IBM QRadar Network Packet Capture | =7.3.3 | |
| IBM QRadar Network Packet Capture | =7.3.3-patch_1 | |
| IBM QRadar Network Packet Capture | =7.4.0 | |
| Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-4576?
CVE-2019-4576 has a high severity rating due to the lack of strong password requirements, making user accounts more susceptible to compromise.
How do I fix CVE-2019-4576?
To mitigate CVE-2019-4576, enable strong password policies within the IBM QRadar Network Packet Capture configuration.
Which versions of IBM QRadar Network Packet Capture are affected by CVE-2019-4576?
CVE-2019-4576 affects IBM QRadar Network Packet Capture versions 7.3.0 to 7.3.3 Patch 1 and version 7.4.0 GA.
What are the potential risks of CVE-2019-4576?
The risks associated with CVE-2019-4576 include unauthorized access and control over sensitive network data, leading to potential data breaches.
Is there a workaround for CVE-2019-4576?
Currently, there is no specific workaround for CVE-2019-4576 other than implementing strong password policies immediately.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/ibm-support
- source/IBM
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm qradar network packet capture
- version/ibm qradar network packet capture/7.3.0
- version/ibm qradar network packet capture/7.3.2
- version/ibm qradar network packet capture/7.3.2-patch_1
- version/ibm qradar network packet capture/7.3.2-patch_2
- version/ibm qradar network packet capture/7.3.2-patch_3
- version/ibm qradar network packet capture/7.3.2-patch_4
- version/ibm qradar network packet capture/7.3.3
- version/ibm qradar network packet capture/7.3.3-patch_1
- version/ibm qradar network packet capture/7.4.0
- vendor/linux
- canonical/linux kernel