The vulnerability of the IBM Security Directory Integrator and the IBM Security Verify Directory Integrator data integration tools lies in the absence of a “Secure” flag in the session cookies. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Security Directory Integrator and the IBM Security Verify Directory Integrator data integration tools is related to the absence of the “Secure” flag in the session cookies. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain...

IBM Security Directory Integrator和IBM Security Verify Directory Integrator 安全漏洞

IBM Security Directory Integrator and IBM Security Verify Directory Integrator are both products of International Business Machines IBM.IBM Security Directory Integrator is an integrated development environment and runtime service. IBM Security Verify Directory Integrator is software for...

Security Bulletin: Security vulnerabilities fixed in IBM Security Directory Suite (CVE-2022-33167, CVE-2022-32754, CVE-2022-33162)

Summary Security vulnerabilities found in IBM Security Directory Integrator as shipped with IBM Security Directory Suite were fixed. Vulnerability Details CVEID:CVE-2022-33167 DESCRIPTION: IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a...

Security Bulletin: Security Vulnerability fixed in IBM Security Directory Integrator (CVE-2022-32759)

Summary The IBM Security Directory Integrator product uses insufficient session expiration which affects the IBM Security Directory Server. The issue has been addressed in an update. Vulnerability Details CVEID:CVE-2022-32759 DESCRIPTION: IBM Security Directory Server uses insufficient session...

PT-2024-10411 · Ibm · Ibm Security Directory Integrator +1

Name of the Vulnerable Software and Affected Versions: IBM Security Directory Integrator version 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 Description: The issue is related to the absence of the secure attribute in session cookies, allowing attackers to obtain cookie values by...