Medium severity5.3NVD Advisory· Published Nov 30, 2020· Updated Jun 17, 2026
CVE-2020-4625
CVE-2020-4625
Description
IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.3.0.1+ 1 more
- (no CPE)range: 1.3.0.1
- (no CPE)range: 1.3.0.1
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/pages/node/6372536nvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/185360nvdVDB EntryVendor Advisory
News mentions
0No linked articles in our index yet.