CVE-2015-1993

Currently unrated

Key Information:

Vendor: IBM
Status: Security Qradar Incident Forensics
Vendor: CVE Published:; 8 November 2015

Summary

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21968270

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 8, 2015
Vulnerability Reserved
Feb 19, 2015