VDB
CVE-2024-28786
CVE-2024-28786
PUBLISHED
CVSS 6.5 MEDIUM
IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.
EPSS 0.03% · 8.5th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.03%
8.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | qradar_security_information_and_event_manager | 7.5.0, 7.5.0, 7.5.0 |
| IBM | QRadar SIEM | 7.5 |
Exploit Intelligence
- CIRCL seen: CVE-2024-28786 (circl-sighting)
- CIRCL seen: CVE-2024-28786 (circl-sighting)
- CIRCL seen: CVE-2024-28786 (circl-sighting)
- CIRCL seen: CVE-2024-28786 (circl-sighting)
- CIRCL seen: CVE-2024-28786 (circl-sighting)
- https://www.ibm.com/support/pages/node/7173420 (circl)
Timeline
- Oct 18, 2024 CVE Published
- Jan 27, 2025 PoC Published
- Jan 28, 2025 EPSS Score
- Jan 28, 2025 Coalition ESS Score
- Jan 28, 2025 PoC Published
- Jan 28, 2025 PoC Published
- Jan 28, 2025 PoC Published
- Jan 28, 2025 PoC Published
- Feb 12, 2025 EPSS Score
- Feb 27, 2025 EPSS Score
- Mar 14, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
References
- https://www.ibm.com/support/pages/node/7173421 advisory
- https://www.ibm.com/support/pages/node/7173043 advisory
- https://www.ibm.com/support/pages/node/7173420 advisory
- https://www.ibm.com/support/pages/node/7173226 advisory
- https://www.ibm.com/support/pages/node/7173224 advisory
- https://www.ibm.com/support/pages/node/7173097 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-28786 advisory