| Vulnerability Name: | CVE-2020-4980 (CCN-192539) | ||||||||||||
| Assigned: | 2019-12-30 | ||||||||||||
| Published: | 2021-07-15 | ||||||||||||
| Updated: | 2022-07-12 | ||||||||||||
| Summary: | IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539. | ||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 3.3 Low (CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-312 CWE-319 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-4980 Source: XF Type: UNKNOWN ibm-qradar-cve20204980-info-disc(192539) Source: XF Type: VDB Entry, Vendor Advisory ibm-qradar-cve20204980-info-disc (192539) Source: CCN Type: IBM Security Bulletin 6472891 (Qradar) IBM QRadar SIEM uses less secure methods for securing data at rest and in transit between hosts (CVE-2020-4980) Source: CONFIRM Type: Patch, Vendor Advisory https://www.ibm.com/support/pages/node/6472891 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||