CVE-2016-0351
CVE-2016-0351 affects IBM Security Identity Manager Virtual Appliance 7.0.x prior to 7.0.1.3-ISS-SIM-IF0001, where the session cookie in HTTPS does not set the secure flag, enabling cookie capture over HTTP. The IBM bulletin confirms multiple vulnerabilities and provides fixes for ISIM Virtual Ap...