Lucene search
+L

4 matches found

NVD
NVD
added 2025/01/27 2:15 a.m.32 views

CVE-2024-28771

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...

6.5CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 1:12 a.m.33 views

CVE-2024-28771 IBM Security Directory Integrator information disclosure

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...

4.8CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/27 1:12 a.m.12 views

CVE-2024-28771 IBM Security Directory Integrator information disclosure

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...

4.8CVSS4.9AI score0.00175EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/24 3:42 p.m.19 views

Security Bulletin: Security Vulnerability fixed in IBM Security Directory Integrator (CVE-2024-28771, CVE-2024-28770, CVE-2024-28766)

Summary Multiple Security Vulnerabilities were fixed in the IBM Security Directory Integrator product. Vulnerability Details CVEID:CVE-2024-28771 DESCRIPTION: IBM Security Directory Integrator does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to g...

7.5CVSS5.7AI score0.00303EPSS
Exploits0Affected Software1
Rows per page
Query Builder