CVE-2014-4832

IBM Security QRadar SIEM & QRadar Risk Manager <7.1 MR2 - Info Disc...

Title source: llm
STIX 2.1

Description

IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21691211
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95582

Scores

EPSS 0.0107
EPSS Percentile 60.7%

Details

CWE
CWE-200
Status published
Products (17)
ibm/qradar_risk_manager 7.1.0
ibm/qradar_risk_manager 7.2.0
ibm/qradar_risk_manager 7.2.1
ibm/qradar_risk_manager 7.2.2
ibm/qradar_risk_manager 7.2.3
ibm/qradar_risk_manager 7.2.4
ibm/qradar_security_information_and_event_manager 7.1.0
ibm/qradar_security_information_and_event_manager 7.2.0
ibm/qradar_security_information_and_event_manager 7.2.1
ibm/qradar_security_information_and_event_manager 7.2.2
... and 7 more
Published Nov 28, 2014
Tracked Since Feb 18, 2026