2 matches found
IBM Security QRadar Incident Forensics中间人攻击漏洞(CVE-2015-1993)
No description provided by source...
CVE-2015-1993
IBM QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 fails to set the secure flag on session cookies in HTTPS, enabling potential cookie capture via MITM when redirected to HTTP. Impact: partial confidentiality exposure. Remediation: install IBM QRadar 7.2.5 Patch 5 (or newer QRadar/QRM/QVM/Q...