CVE-2024-31905 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-31905 PUBLISHED CVSS 5.900000095367432 MEDIUM

IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 289858.

EPSS 0.01% · 2.3th percentile

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.01%

2.3th percentile

Affected Products

Vendor	Product	Versions
IBM	QRadar Network Packet Capture	7.5
ibm	qradar_network_packet_capture	7.5.0, 7.5.0, 7.5.0

Timeline

Aug 15, 2024 CVE Published
Aug 16, 2024 EPSS Score
Sep 5, 2024 EPSS Score
Sep 25, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 16, 2024 EPSS Score
Nov 5, 2024 EPSS Score
Nov 25, 2024 EPSS Score
Dec 16, 2024 EPSS Score
Jan 5, 2025 EPSS Score
Jan 25, 2025 EPSS Score
Feb 15, 2025 EPSS Score

References

https://www.ibm.com/support/pages/node/7160961 vendor-advisory
https://www.ibm.com/support/pages/node/7161462 advisory
https://www.ibm.com/support/pages/node/7160858 advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-31905 advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/289858 url

Open in Interactive Console →