CVE-2014-0905

Currently unrated

Key Information:

Vendor
IBM
Status
Infosphere Biginsights
Vendor
CVE Published:
17 August 2014

Summary

IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21680830
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/91720
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.