Information Disclosure Vulnerability in IBM ApplinX by IBM
CVE-2024-49797
5.9 MEDIUM
Summary
IBM ApplinX 11.1 has a vulnerability stemming from improper configuration of HTTP Strict Transport Security (HSTS). A remote attacker could exploit this to obtain sensitive information using man-in-the-middle techniques. Properly enforced HSTS helps protect the confidentiality and integrity of data in transit; insufficient enforcement may expose users and their data to significant risks.
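To check what HSTS policy a deployment actually sends, the following added example (not code from IBM or from this advisory) audits a Strict-Transport-Security header value against RFC 6797 syntax. The advisory does not say which HSTS setting is wrong; the one-year max-age floor and the includeSubDomains requirement are assumed policy choices, and the sample values are constructed.

```python
"""Audit a Strict-Transport-Security response header (RFC 6797 syntax)."""
from typing import Optional

ONE_YEAR = 31536000  # assumed policy floor, not a value from the advisory


def parse_hsts(value: str) -> dict:
    """Return {directive: value-or-None}; raise ValueError on a duplicate."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:                      # empty directives are permitted
            continue
        name, sep, arg = part.partition("=")
        name = name.strip().lower()       # directive names are case-insensitive
        arg = arg.strip().strip('"') if sep else None  # token or quoted-string
        if name in directives:            # each directive may appear only once
            raise ValueError(f"duplicate directive: {name}")
        directives[name] = arg
    return directives


def audit_hsts(header: Optional[str], min_age: int = ONE_YEAR) -> list:
    """Return a list of findings; an empty list means the policy passed."""
    if header is None:
        return ["missing: no Strict-Transport-Security header on HTTPS response"]
    try:
        d = parse_hsts(header)
    except ValueError as exc:
        return [f"invalid: {exc}"]
    age = d.get("max-age")
    if age is None or not (age.isascii() and age.isdigit()):
        return ["invalid: max-age is required and must be a non-negative integer"]
    findings = []
    if int(age) == 0:
        findings.append("disabled: max-age=0 tells browsers to drop the policy")
    elif int(age) < min_age:
        findings.append(f"weak: max-age={age} is below the {min_age}s floor")
    if "includesubdomains" not in d:
        findings.append("weak: includeSubDomains absent, subdomains not covered")
    return findings


if __name__ == "__main__":
    # Constructed sample header values, not captured from ApplinX.
    samples = (None, "max-age=0", "max-age=300",
               'max-age="63072000"; includeSubDomains', "max-age=1; max-age=2")
    for sample in samples:
        print(repr(sample), "->", audit_hsts(sample) or "ok")
```

Feed it the header value taken from an HTTPS response of the server under review; browsers ignore HSTS headers received over plain HTTP, so a header seen only there counts as missing.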
Affected Version(s)
ApplinX 11.1
CVSS V3.1
Score: 5.9
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published