Credentials Exposure in IBM Security QRadar SIEM and QRadar Risk Manager

Credentials Exposure in IBM Security QRadar SIEM and QRadar Risk Manager

CVE-2014-6075 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.

Learn more about our Web App Pen Testing.