Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.7 views

CVE-2023-42016

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...

4.3CVSS6AI score0.00272EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/22 4:19 p.m.22 views

Security Bulletin: IBM Sterlng B2B Integrator missing security attribute in cookie (CVE-2023-42016)

Summary IBM Sterling B2B Integrator has addressed a cookie security vulnerability. Vulnerability Details CVEID:CVE-2023-42016 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the...

4.3CVSS4.1AI score0.00272EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/09 1:15 a.m.3 views

CVE-2023-42016

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...

4.3CVSS5.6AI score0.00272EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/09 1:1 a.m.7 views

CVE-2023-42016 IBM Sterling B2B Integrator information disclosure

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...

4.3CVSS6.1AI score0.00272EPSS
Exploits0References2
CVE
CVE
added 2024/02/09 1:1 a.m.55 views

CVE-2023-42016

IBM Sterling B2B Integrator Standard Edition v6.0.0.0–6.0.3.8 and v6.1.0.0–6.1.2.3 omits the secure attribute on authorization tokens and session cookies, enabling cookie exposure via http links or injected sites. This aligns with IBM’s Security Bulletin detailing the vulnerability and CVSS ~4.3 ...

4.3CVSS4.2AI score0.00272EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/09 1:1 a.m.23 views

CVE-2023-42016 IBM Sterling B2B Integrator information disclosure

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...

4.3CVSS4.4AI score0.00272EPSS
Exploits0References2
Rows per page
Query Builder