CVE-2019-4704
CVE-2019-4704 affects IBM Security Identity Manager Virtual Appliance versions 7.0.2 (also 7.0.1 per remediation) where authorization tokens and session cookies are missing the secure attribute. The root issue is cookie handling that allows cookies to be transmitted over insecure links (http), en...