CVE-2020-4980 : IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in tran

IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539.

Published 2021-07-16 17:15:12

Updated 2022-07-12 17:42:04

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2020-4980

IBM » Qradar Security Information And Event Manager
Versions from including (>=) 7.3.0 and before (<) 7.3.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager
Versions from including (>=) 7.4.0 and before (<) 7.4.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P1
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p1:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P2
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p2:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p3:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P4
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p4:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P5
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p5:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P6
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p6:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.3.3 Update P7
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.3.3:p7:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
IBM » Qradar Security Information And Event Manager » Version: 7.4.3
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-4980

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-4980

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.3	LOW	AV:A/AC:L/Au:N/C:P/I:N/A:N	6.5	2.9	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	1.6	3.6	IBM Corporation
Attack Vector: Adjacent Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2020-4980

CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Assigned by: nvd@nist.gov (Primary)
CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-4980

https://www.ibm.com/support/pages/node/6472891

Security Bulletin: IBM QRadar SIEM uses less secure methods for securing data at rest and in transit between hosts (CVE-2020-4980)
Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/192539

IBM QRadar information disclosure CVE-2020-4980 Vulnerability Report
VDB Entry;Vendor Advisory

Jump to

Vulnerability Details : CVE-2020-4980

Products affected by CVE-2020-4980

Exploit prediction scoring system (EPSS) score for CVE-2020-4980

CVSS scores for CVE-2020-4980

CWE ids for CVE-2020-4980

References for CVE-2020-4980