CVE-2020-4289
published 2020-04-08CVE-2020-4289: IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow a remote attacker to obtain sensitive information, caused by the…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 176332.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_information_queue | — | — |
| ibm | security_information_queue | — | — |
| ibm | security_information_queue | — | — |
| ibm | security_information_queue | — | — |
| ibm | security_information_queue | — | — |
| ibm | security_information_queue | — | — |