IBM Security Verify Information Queue (using the acronym “ISIQ”) is a cross-product integrator that uses Kafka technology and a publish/subscribe model to integrate data between IBM Security products. Security Verify Information Queue is vulnerable to information disclosure in version 10.0.2. An information disclosure vulnerability exists due to a missing or insecure SameSite attribute of a sensitive cookie. An attacker could use the vulnerability to launch a targeted attack against the target and compromise site system security.
CPE | Name | Operator | Version |
---|---|---|---|
ibm security verify information queue | eq | 10.0.2 |