Primary

Context

IBM QRadar SIEM Cleartext Transmission Vulnerability Allowing Man-in-the-Middle Data Interception

Vulnerability

Patched

A vulnerability exists in IBM QRadar SIEM versions 7.5 through 7.5.0 UP9 IF03, where sensitive data is transmitted in cleartext. This lack of encryption could allow an unauthorized actor to intercept security-critical information using man-in-the-middle techniques.

Impact

Exploitation of this vulnerability could lead to unauthorized interception of sensitive or security-critical data.

Remediation

Users are advised to update to IBM QRadar SIEM 7.5.0 UP10. Instructions for downloading this update are available on the IBM Support Fix Central website. For QRadar Incident Forensics users, the same update to version 7.5.0 UP10 should be applied.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM QRadar SIEM Cleartext Transmission Vulnerability Allowing Man-in-the-Middle Data Interception

Vulnerability

Impact

Remediation

Affected Products

IBM QRadar SIEM

IBM QRadar Incident Forensics

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating