Unrated severityNVD Advisory· Published Dec 13, 2018· Updated Sep 17, 2024
CVE-2018-1804
CVE-2018-1804
Description
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 149703.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, 9.0.5.0+ 1 more
- (no CPE)range: 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, 9.0.5.0
- (no CPE)range: 9.0.1.0
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/docview.wssmitrex_refsource_CONFIRM
- exchange.xforce.ibmcloud.com/vulnerabilities/149703mitrevdb-entryx_refsource_XF
News mentions
0No linked articles in our index yet.