Ibm: >> Infosphere Biginsights >> 2.1.2.0 Security Vulnerabilities
The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.
CVSS Score
5.0
EPSS Score
0.002
Published
2015-02-13
IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVSS Score
2.9
EPSS Score
0.001
Published
2014-08-17