Low severity3.7NVD Advisory· Published Sep 17, 2019· Updated Jun 17, 2026
CVE-2019-4171
CVE-2019-4171
Description
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 158876.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
210.3.0, 10.3.1, 10.4.0, 10.4.1+ 1 more
- (no CPE)range: 10.3.0, 10.3.1, 10.4.0, 10.4.1
- (no CPE)range: 10.3.1
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/pages/security-bulletin-security-vulnerabilties-exist-ibm-cognos-controllernvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/158876nvdVDB EntryVendor Advisory
News mentions
0No linked articles in our index yet.