CVE-2015-1993

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 08/11/15 - Updated on 09/11/15

Description

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2015-1993

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
ibmsecurity_qradar_incident_forensics

Share this vulnerability with:

Twitter Facebook LinkedIn Mail