CVE-2019-4171
IBM Cognos Controller versions 10.3.0–10.4.1 expose an information-disclosure vulnerability where authorization tokens and session cookies are sent without the Secure attribute, enabling potential MITM access to sensitive data. Affected products/versions are IBM Cognos Controller 10.3.0, 10.3.1, ...