VYPR
Low severity3.7NVD Advisory· Published Sep 17, 2019· Updated Jun 17, 2026

CVE-2019-4171

CVE-2019-4171

Description

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 158876.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Cognos Controllerllm-fuzzy2 versions
    10.3.0, 10.3.1, 10.4.0, 10.4.1+ 1 more
    • (no CPE)range: 10.3.0, 10.3.1, 10.4.0, 10.4.1
    • (no CPE)range: 10.3.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.