4 matches found
CVE-2024-28771
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...
CVE-2024-28771 IBM Security Directory Integrator information disclosure
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...
CVE-2024-28771 IBM Security Directory Integrator information disclosure
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user...
Security Bulletin: Security Vulnerability fixed in IBM Security Directory Integrator (CVE-2024-28771, CVE-2024-28770, CVE-2024-28766)
Summary Multiple Security Vulnerabilities were fixed in the IBM Security Directory Integrator product. Vulnerability Details CVEID:CVE-2024-28771 DESCRIPTION: IBM Security Directory Integrator does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to g...