IBM Sterling Secure Proxy is an application proxy from International Business Machines (IBM) that is used to ensure the secure transfer of files in an organization’s unprotected zone (DMZ). An information disclosure vulnerability exists in IBM Sterling Secure Proxy that stems from not setting a security attribute on an authorization token or session cookie, which could be exploited by an attacker to obtain a cookie value by sending an http link to a user or planting this link on a website that the user visits.