6 matches found
CVE-2023-42016
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...
Security Bulletin: IBM Sterlng B2B Integrator missing security attribute in cookie (CVE-2023-42016)
Summary IBM Sterling B2B Integrator has addressed a cookie security vulnerability. Vulnerability Details CVEID:CVE-2023-42016 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the...
CVE-2023-42016
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...
CVE-2023-42016 IBM Sterling B2B Integrator information disclosure
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...
CVE-2023-42016
IBM Sterling B2B Integrator Standard Edition v6.0.0.0–6.0.3.8 and v6.1.0.0–6.1.2.3 omits the secure attribute on authorization tokens and session cookies, enabling cookie exposure via http links or injected sites. This aligns with IBM’s Security Bulletin detailing the vulnerability and CVSS ~4.3 ...
CVE-2023-42016 IBM Sterling B2B Integrator information disclosure
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the...