First published: Tue Apr 14 2020(Updated: )
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-ForceID: 175845.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM QRadar Security Information and Event Manager | >=7.3.0<7.3.3 | |
IBM QRadar Security Information and Event Manager | =7.3.3 | |
IBM QRadar Security Information and Event Manager | =7.3.3-p1 | |
IBM QRadar Security Information and Event Manager | =7.3.3-p2 | |
Linux Linux kernel |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-4269 is a vulnerability in IBM QRadar 7.3.0 to 7.3.3 Patch 2 that allows for hard-coded credentials to be exposed.
CVE-2020-4269 has a severity value of 7.5, which is classified as high.
CVE-2020-4269 affects IBM QRadar 7.3.0 to 7.3.3 Patch 2 by exposing hard-coded credentials that can be used for authentication, communication, and data encryption.
No, Linux is not affected by CVE-2020-4269.
To fix CVE-2020-4269, apply the necessary patch or update provided by IBM QRadar.