CVE-2014-6075
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 anterior a MR2 Patch 9 y 7.2 anterior a 7.2.4 Patch 1, y QRadar Vulnerability Manager 7.2 anterior a 7.2.4 Patch 1, ponen credenciales en URLs, lo que permite a atacantes remotos obtener informaciĆ³n sensible mediante la lectura de (1) los registros del acceso al servidor web, (2) los registros del referer del servidor web, o (3) el historial de navegaciĆ³n.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-09-02 CVE Reserved
- 2014-11-28 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/95727 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21691211 | 2017-09-08 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.1.0 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.1.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.2.0 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.2.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.2.1 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.2.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.2.2 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.2.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.2.3 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.2.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Risk Manager Search vendor "Ibm" for product "Qradar Risk Manager" | 7.2.4 Search vendor "Ibm" for product "Qradar Risk Manager" and version "7.2.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Vulnerability Manager Search vendor "Ibm" for product "Qradar Vulnerability Manager" | 7.2.0 Search vendor "Ibm" for product "Qradar Vulnerability Manager" and version "7.2.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Vulnerability Manager Search vendor "Ibm" for product "Qradar Vulnerability Manager" | 7.2.1 Search vendor "Ibm" for product "Qradar Vulnerability Manager" and version "7.2.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Vulnerability Manager Search vendor "Ibm" for product "Qradar Vulnerability Manager" | 7.2.2 Search vendor "Ibm" for product "Qradar Vulnerability Manager" and version "7.2.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Vulnerability Manager Search vendor "Ibm" for product "Qradar Vulnerability Manager" | 7.2.3 Search vendor "Ibm" for product "Qradar Vulnerability Manager" and version "7.2.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Vulnerability Manager Search vendor "Ibm" for product "Qradar Vulnerability Manager" | 7.2.4 Search vendor "Ibm" for product "Qradar Vulnerability Manager" and version "7.2.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.1.0 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.1.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.2.0 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.2.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.2.1 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.2.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.2.2 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.2.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.2.3 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.2.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Qradar Security Information And Event Manager Search vendor "Ibm" for product "Qradar Security Information And Event Manager" | 7.2.4 Search vendor "Ibm" for product "Qradar Security Information And Event Manager" and version "7.2.4" | - |
Affected
|