Session Cookie Vulnerability in IBM License Key Server
CVE-2014-0909

Currently unrated

Key Information:

Vendor

IBM
Status
Rational License Key Server
Vendor
CVE Published:
10 September 2014

What is CVE-2014-0909?

The Administration and Reporting Tool in IBM Rational License Key Server prior to version 8.1.4.4 fails to set the secure flag for session cookies during HTTPS sessions. This omission allows remote attackers to potentially intercept session cookies by capturing their transmissions over unsecured HTTP connections, thereby compromising the security of sensitive user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/69642
vdb-entryx_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg24038045
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/91872
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.