CVE-2018-1484
CVE-2018-1484 affects IBM BigFix Platform versions 9.2.0–9.2.14 and 9.5–9.5.9. The root cause is that authorization tokens and session cookies are not marked with the Secure attribute, allowing the cookies to be sent over insecure links. An attacker could obtain cookie values by luring a user to ...