CVE-2014-0905IBM Infosphere Biginsights vulnerability

CWE-2643 documents3 sources
Severity
2.9LOWNVD
EPSS
0.1%
top 70.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Biginsights
Timeline
PublishedAug 17
Latest updateMay 17

Description

IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

CVSS vector

AV:A/AC:M/C:P/I:N/A:NExploitability: 5.5 | Impact: 2.9

Affected Packages1 packages

NVDibm/infosphere_biginsights4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-7f3j-g2c7-pj76: IBM InfoSphere BigInsights 22022-05-17
CVEList
CVE-2014-0905: IBM InfoSphere BigInsights 22014-08-17
CVE-2014-0905 — IBM vulnerability | cvebase