CVE-2019-4214

IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:smartcloud_analytics_log_analysis:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-11-22 16:15

Updated : 2024-02-04 20:39


NVD link : CVE-2019-4214

Mitre link : CVE-2019-4214

CVE.ORG link : CVE-2019-4214


JSON object : View

Products Affected

ibm

  • smartcloud_analytics_log_analysis
CWE
CWE-311

Missing Encryption of Sensitive Data

CWE-732

Incorrect Permission Assignment for Critical Resource