PT-2015-5537 · Ibm · Ibm Security Qradar Incident Forensics

John Zuccato

Publicado

2015-11-08

Atualizado

2015-11-09

CVE-2015-1993

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Security QRadar Incident Forensics versions 7.2.x through 7.2.5 before Patch 5

Description The issue makes it easier for remote attackers to capture cookies by intercepting their transmission within an http session, as the secure flag is not set for unspecified cookies in an https session.

Recommendations For IBM Security QRadar Incident Forensics versions 7.2.x through 7.2.5 before Patch 5, apply Patch 5 to set the secure flag for cookies in https sessions and prevent their interception in http sessions.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2015-1993

Produtos afetados

Ibm Security Qradar Incident Forensics

PT-2015-5537 · Ibm · Ibm Security Qradar Incident Forensics

CVE-2015-1993

Identificadores relacionados

Produtos afetados

Referências · 2