CVE Daily

CVE-2020-4160

IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obt...

Medium CVSS 5.9

Overview

IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174340.

CWE: N/A Published: 2021-11-08T17:15:07.657
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.9 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags