CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4233

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.2%

CVSS Severity

CVSS v3 Score 3.7

CVSS v2 Score 5.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/175360
https://www.ibm.com/support/pages/node/6207912
https://exchange.xforce.ibmcloud.com/vulnerabilities/175360
https://www.ibm.com/support/pages/node/6207912

Products affected by CVE-2020-4233

Ibm » Security Identity Governance And Intelligence » Version: 5.2.6

cpe:2.3:a:ibm:security_identity_governance_and_intelligence:5.2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4233

Products

Pricing

Contact Us