Sensitive Information Exposure in IBM Security QRadar Incident Forensics
CVE-2015-1999
Currently unrated
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 8 November 2015
Summary
The vulnerability allows remote attackers to extract sensitive information through the exposure of session IDs in HTTPS URLs due to improper handling. When accessed, these session IDs may appear in web-server access logs, Referer logs, or be retrievable from the user's browser history, potentially leading to unauthorized access or information leakage.
References
Timeline
Vulnerability published
Vulnerability Reserved