CVE-2020-4980: 
IBM QRadar SIEM vulnerability analysis and mitigation

IBM QRadar SIEM versions 7.3 (up to 7.3.3 Patch 7) and 7.4 (up to 7.4.3 GA) were found to use less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled, as well as data at rest. This vulnerability was assigned CVE-2020-4980 and was initially recorded on December 30, 2019 (CVE Mitre).

The vulnerability has been assigned a CVSS Base score of 5.3 with a vector of CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. This scoring indicates that the vulnerability requires network adjacency for exploitation, has high attack complexity, requires no privileges, needs no user interaction, has a scope that's unchanged, and can result in high confidentiality impact but no integrity or availability impact (IBM Security).

The vulnerability primarily affects the confidentiality of data, both in transit between hosts and at rest. When the encrypt host connections feature is not enabled, the system uses less secure methods for data protection, potentially exposing sensitive information (IBM Security).

IBM has released patches to address this vulnerability: QRadar/QRM/QVM/QRIF/QNI 7.3.3 Patch 8 and QRadar/QRM/QVM/QRIF/QNI 7.4.3 Patch 1. No workarounds or alternative mitigations are available (IBM Security).