What is the severity of CVE-2021-29779?

CVE-2021-29779 has been classified with a medium severity level due to the possibility of sensitive information exposure.

How do I fix CVE-2021-29779?

To fix CVE-2021-29779, it is recommended to update IBM QRadar Security Information and Event Manager to the latest available fix packs.

Which versions of IBM QRadar are affected by CVE-2021-29779?

CVE-2021-29779 affects IBM QRadar versions 7.3 and 7.4, specifically versions prior to 7.3.3 and 7.4.3 respectively.

What type of attack is associated with CVE-2021-29779?

CVE-2021-29779 is associated with man-in-the-middle attacks that can exploit insecure key exchange processes.

Is CVE-2021-29779 easy to exploit?

CVE-2021-29779 may be considered relatively easy to exploit for attackers with access to the network where affected systems reside.

Vulnerability/
CVE-2021-29779

medium

5.9

26/11/2021

1/12/2021

16/9/2024

CVE-2021-29779

First published: Fri Nov 26 2021(Updated: )

IBM QRadar could allow an attacker to obtain sensitive information due to the server performing key exchange without entity authentication on inter-host communications using man in the middle techniques.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM QRadar Security Information and Event Manager	>=7.3.0<=7.3.3
IBM QRadar Security Information and Event Manager	>=7.4.0<=7.4.3
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_1
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_2
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_3
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_4
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_5
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_6
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_7
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_8
IBM QRadar Security Information and Event Manager	=7.3.3-fix_pack_9
IBM QRadar Security Information and Event Manager	=7.4.2-fix_pack_1
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_1
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_2
IBM QRadar Security Information and Event Manager	=7.4.3-fix_pack_3
Linux kernel

Remedy

https://www.ibm.com/support/pages/node/6520484

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6520484

Frequently Asked Questions

What is the severity of CVE-2021-29779?
CVE-2021-29779 has been classified with a medium severity level due to the possibility of sensitive information exposure.
How do I fix CVE-2021-29779?
To fix CVE-2021-29779, it is recommended to update IBM QRadar Security Information and Event Manager to the latest available fix packs.
Which versions of IBM QRadar are affected by CVE-2021-29779?
CVE-2021-29779 affects IBM QRadar versions 7.3 and 7.4, specifically versions prior to 7.3.3 and 7.4.3 respectively.
What type of attack is associated with CVE-2021-29779?
CVE-2021-29779 is associated with man-in-the-middle attacks that can exploit insecure key exchange processes.
Is CVE-2021-29779 easy to exploit?
CVE-2021-29779 may be considered relatively easy to exploit for attackers with access to the network where affected systems reside.

agent/references
agent/type
agent/first-publish-date
collector/ibm-support
source/IBM
agent/author
agent/remedy
agent/severity
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm qradar security information and event manager
version/ibm qradar security information and event manager/7.3.0
version/ibm qradar security information and event manager/7.3.3
version/ibm qradar security information and event manager/7.4.0
version/ibm qradar security information and event manager/7.4.3
version/ibm qradar security information and event manager/7.3.3-fix_pack_1
version/ibm qradar security information and event manager/7.3.3-fix_pack_2
version/ibm qradar security information and event manager/7.3.3-fix_pack_3
version/ibm qradar security information and event manager/7.3.3-fix_pack_4
version/ibm qradar security information and event manager/7.3.3-fix_pack_5
version/ibm qradar security information and event manager/7.3.3-fix_pack_6
version/ibm qradar security information and event manager/7.3.3-fix_pack_7
version/ibm qradar security information and event manager/7.3.3-fix_pack_8
version/ibm qradar security information and event manager/7.3.3-fix_pack_9
version/ibm qradar security information and event manager/7.4.2-fix_pack_1
version/ibm qradar security information and event manager/7.4.3-fix_pack_1
version/ibm qradar security information and event manager/7.4.3-fix_pack_2
version/ibm qradar security information and event manager/7.4.3-fix_pack_3
vendor/linux
canonical/linux kernel