Medium Severity

IBM Security Bulletin: IBM QRadar WinCollect Agent Does Not Verify TLS Syslog Certificate (CVE-2019-4264)

May 25, 2019

Categorized: Medium Severity

Share this post:

When configured for TLS Syslog the Wincollect agent does not verify the authenticity or accuracy of the server certificate. Even when a certificate is specified within the WinCollect configuration it is ignored, and any certificate presented by the server is blindly accepted while negotiating TLS.

CVE(s): CVE-2019-4264

Affected product(s) and affected version(s):
WinCollect Agent 7.1.2 – WinCollect Agent 7.2.8 Patch 2 (32-bit) WinCollect Agent 7.1.2 – WinCollect Agent 7.2.8 Patch 2 (64-bit)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885464
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160072


Previous Post

IBM Security Bulletin: Security vulnerability affects the Report Builder shipped with Jazz Reporting Service (CVE-2019-4184)

Next Post

IBM Security Bulletin: A vulnerability in Google Guava could affect IBM Cloud App Management V2018
More stories

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2 (CVE-2022-29824)

December 1, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (CVE-2022-29824). GNOME libxml2 is used as part of the base image included in our service components. Please read the details for remediation below. ...read more

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-22844

December 1, 2022 | Medium Severity

LibTIFF is not used directly by IBM App Connect Enterprise Certified Container but is present in the DesignerAuthoring image used for mapping assistance, which may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability CVE-2022-22844 in LibTIFF. ...read more

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-25310

December 1, 2022 | Medium Severity

GNU Fribidi is used by IBM App Connect Enterprise Certified Container for handling unicode. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability CVE-2022-25310 in GNU FriBidi. ...read more