2 matches found
CVE-2020-4749
CVE-2020-4749 affects IBM Spectrum Scale 5.0.0 through 5.0.5.2, where authorization tokens or session cookies are issued without the secure attribute, enabling cookie snooping if a user visits an http link. Impact is limited to disclosure of cookie values via insecure requests; exploitation requi...
Security Bulletin: Multiple vulnerabilities affect the IBM Spectrum Scale GUI.
Summary Vulnerabilities exist in all levels of IBM Spectrum Scale GUI. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4749 DESCRIPTION: IBM Spectrum Scale does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get t...