
Cloud Vulnerability DB
A community-led vulnerabilities database
IBM QRadar SIEM versions 7.3 and 7.4 were discovered to use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The vulnerability was assigned CVE-2021-29750 and was disclosed on September 15, 2021. The affected systems include QRadar SIEM versions 7.3 (all HTTPReceiver versions before 7.3.0-QRADAR-PROTOCOL-HTTPReceiver-7.3-20210805183115) and 7.4 (all HTTPReceiver versions before 7.4.0-QRADAR-PROTOCOL-HTTPReceiver-7.4-20210823144546) (IBM Support).
The vulnerability was assigned a CVSS v3.1 base score of 5.9 MEDIUM with vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating that it is network accessible but requires high attack complexity, needs no privileges or user interaction, and can result in high confidentiality impact without affecting integrity or availability. The weakness is classified as CWE-327: Use of a Broken or Risky Cryptographic Algorithm (NVD).
The vulnerability could allow attackers to decrypt highly sensitive information due to the implementation of cryptographic algorithms that are weaker than expected. This poses a significant confidentiality risk as sensitive data could be exposed if successfully exploited (IBM Support).
IBM released patches to address this vulnerability. For version 7.3, users should update to 7.3.0-QRADAR-PROTOCOL-HTTPReceiver-7.3-20210805183115 or later. For version 7.4, users should update to 7.4.0-QRADAR-PROTOCOL-HTTPReceiver-7.4-20210823144546 or later. These fixes were released as part of the August 31, 2021 auto update bundle. No workarounds are available for this vulnerability (IBM Support).
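The following is an added example, not part of the original report or IBM's tooling: a triage check that classifies HTTPReceiver build strings against the two fixed builds named above. It assumes the trailing 14 digits of a build string are a `YYYYMMDDhhmmss` build stamp; the host names and every build string other than the two fixed builds are constructed.

```python
import re

# Fixed builds, copied from the advisory text above.
FIXED_BUILDS = {
    "7.3": "7.3.0-QRADAR-PROTOCOL-HTTPReceiver-7.3-20210805183115",
    "7.4": "7.4.0-QRADAR-PROTOCOL-HTTPReceiver-7.4-20210823144546",
}

# Assumption: the last field is a 14-digit YYYYMMDDhhmmss build stamp.
_BUILD_RE = re.compile(
    r"^(?P<branch>\d+\.\d+)\.\d+-QRADAR-PROTOCOL-HTTPReceiver-"
    r"\d+\.\d+-(?P<stamp>\d{14})$"
)

def parse_build(build):
    """Split a build string into (branch, stamp); raise on anything else."""
    m = _BUILD_RE.match(build.strip())
    if not m:
        raise ValueError(f"unrecognised HTTPReceiver build: {build!r}")
    return m["branch"], m["stamp"]

def classify(build):
    """Return 'vulnerable', 'fixed' or 'not-covered' for one build string."""
    branch, stamp = parse_build(build)
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "not-covered"  # the advisory lists only 7.3 and 7.4
    # Equal-length digit stamps order correctly as plain strings.
    return "vulnerable" if stamp < parse_build(fixed)[1] else "fixed"

def triage(inventory):
    """Map host -> status; unparseable entries are flagged, not dropped."""
    report = {}
    for host, build in inventory.items():
        try:
            report[host] = classify(build)
        except ValueError:
            report[host] = "unparsed"
    return report

# Constructed inventory: hypothetical hosts and build strings.
SAMPLE = {
    "qradar-a": "7.3.0-QRADAR-PROTOCOL-HTTPReceiver-7.3-20200101000000",
    "qradar-b": FIXED_BUILDS["7.4"],
    "qradar-c": "7.4.0-QRADAR-PROTOCOL-HTTPReceiver-7.4-20210823144545",
    "qradar-d": "HTTPReceiver (version unknown)",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as `unparsed` need a manual check, since a missing or malformed version string says nothing about whether the fix is installed.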
Source: This report was generated using AI