1. CVE-Search
  2. CVE-2014-0837
ID CVE-2014-0837
Summary The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*
  • cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 29-08-2017 - 01:34)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 65127
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21663066
fulldisc 20140124 ADV: IBM QRadar SIEM
osvdb 102552
secunia 56653
xf ibm-qradar-cve20140837-mitm(90680)
Last major update 29-08-2017 - 01:34
Published 30-01-2014 - 05:17
Last modified 29-08-2017 - 01:34
Back to Top