CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0837

The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.4%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-0837

Ibm » Qradar Security Information And Event Manager » Version: N/A

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:-
Ibm » Qradar Security Information And Event Manager » Version: 7.0.0

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.0
Ibm » Qradar Security Information And Event Manager » Version: 7.0.1

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.1
Ibm » Qradar Security Information And Event Manager » Version: 7.1.0

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0
Ibm » Qradar Security Information And Event Manager » Version: 7.1.1

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1
Ibm » Qradar Security Information And Event Manager » Version: 7.1.2

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2
Ibm » Qradar Security Information And Event Manager » Version: 7.2

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2
Ibm » Qradar Security Information And Event Manager » Version: 7.2.0

cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0837

Products

Pricing

Contact Us