Skip to main content
CVE-2015-5044 LOW Monitor

The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Denial Of Service Qradar Security Information And Event Manager
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2015-7412 LOW Monitor

The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Oracle Datapower Gateway
NVD
CVSS 2.0
2.6
EPSS
0.2%
CVE-2015-4940 LOW Monitor

Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Apache Ambari
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-1996 LOW Monitor

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Security Qradar Incident Forensics
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy