HTTPOnly Flag Vulnerability in IBM Lotus Notes Web Application
CVE-2012-4846

Currently unrated

Key Information:

Vendor

IBM
Status
Lotus Notes
Vendor
CVE Published:
19 December 2012

What is CVE-2012-4846?

IBM Lotus Notes versions 8.5.x prior to 8.5.3 FP3 are vulnerable due to the absence of the HTTPOnly flag in the Set-Cookie header of web-application cookies. This oversight allows remote attackers to exploit script access to these cookies, potentially leading to the unauthorized acquisition of sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/79535
vdb-entryx_refsource_XF
http://www.ibm.com/support/docview.wss?uid=swg21620361
x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=swg21619604
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.