2 matches found
Security Bulletin: IBM Security Directory Server vulnerable to multiple issues (CVE-2019-4563, CVE-2019-4547)
Summary Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Vulnerability Details CVEID: CVE-2019-4563 DESCRIPTION: IBM Security Directory Server does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to ge...
CVE-2019-4563
The vulnerability CVE-2019-4563 affects IBM Security Directory Server 6.4.0. The underlying issue is that authorization tokens and session cookies are not marked Secure, allowing an attacker to obtain cookie values by luring users to an http:// link or via a site the user visits, enabling traffic...