Session Cookie Vulnerability in IBM WebSphere eXtreme Scale Products
CVE-2015-2025

Currently unrated

Key Information:

Vendor

IBM
Status
Websphere Extreme Scale
Vendor
CVE Published:
4 October 2015

What is CVE-2015-2025?

The WebSphere eXtreme Scale versions 7.1.0 (prior to 7.1.0.3) and 7.1.1 (prior to 7.1.1.1) fail to secure session cookies by not setting the 'secure' flag for HTTPS sessions. This oversight allows attackers to potentially intercept session cookies during transmission over unsecured HTTP connections, increasing the risk of unauthorized access and data compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg21966044
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105
vendor-advisoryx_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.