Medium Severity

IBM Security Bulletin: IBM QRadar WinCollect Agent Does Not Verify TLS Syslog Certificate (CVE-2019-4264)

May 25, 2019 9:01 am EDT

Categorized: Medium Severity

Share this post:

When configured for TLS Syslog the Wincollect agent does not verify the authenticity or accuracy of the server certificate. Even when a certificate is specified within the WinCollect configuration it is ignored, and any certificate presented by the server is blindly accepted while negotiating TLS.

CVE(s): CVE-2019-4264

Affected product(s) and affected version(s):
WinCollect Agent 7.1.2 – WinCollect Agent 7.2.8 Patch 2 (32-bit) WinCollect Agent 7.1.2 – WinCollect Agent 7.2.8 Patch 2 (64-bit)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885464
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160072


Previous Post

IBM Security Bulletin: Security vulnerability affects the Report Builder shipped with Jazz Reporting Service (CVE-2019-4184)

Next Post

IBM Security Bulletin: A vulnerability in Google Guava could affect IBM Cloud App Management V2018
More stories

IBM Security Bulletin: Vulnerability in strongswan affects QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter

Jun 16, 2019 9:01 am EDT | Medium Severity

The following vulnerability in strongswan has been addressed by QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter: CVE(s): CVE-2018-10811 Affected product(s) and affected version(s): Product Affected Version QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter Firmware Update 7.10 Refer to the following reference URLs for remediation and ...read more

IBM Security Bulletin: Vulnerabilities in OpenSSL and strongswan affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru

Jun 16, 2019 9:00 am EDT | Medium Severity

The following vulnerabilities in OpenSSL and strongswan have been addressed by IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru. CVE(s): CVE-2018-0739, CVE-2018-10811 Affected product(s) and affected version(s): Product Affected Version IBM Flex System FC3171 8Gb SAN Switch and IBM Flex System FC3171 8Gb SAN Pass-thru Firmware Update 9.1 Refer to the following reference ...read more

IBM Security Bulletin: IBM Cloud Private Platform-UI is vulnerable to a cross-site request forgery attack (CVE-2019-4142)

Jun 15, 2019 9:00 am EDT | Medium Severity

IBM Cloud Private Platform-UI is vulnerable to a cross-site request forgery attack CVE(s): CVE-2019-4142 Affected product(s) and affected version(s):IBM Cloud Private 2.1.x, 3.1.0, 3.1.1, 3.1.2 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885434X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158338 ...read more