CVE-2019-4330
3.1
CVSS:3.0/PR:N/I:N/AC:H/S:U/A:N/AV:N/C:L/UI:R/RL:O/RC:C/E:U
Summary
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Security Guardium Big Data Intelligence | 4 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/1096384
- https://exchange.xforce.ibmcloud.com/vulnerabilities/161210
References
- https://www.ibm.com/support/pages/node/1096384
- https://exchange.xforce.ibmcloud.com/vulnerabilities/161210
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.