Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere Service Registry and Repository Web UI 安全漏洞
Vulnerability Description
IBM WebSphere Service Registry and Repository(WSRR)是美国IBM公司的一个用于服务交互端点描述的主元数据存储库,它提供了存储、访问和管理有关服务信息的功能,并且是SOA实现的关键组成部分。 IBM WSRR的Web UI中存在安全漏洞,该漏洞源于程序没有为https会话的cookie设置安全标志。远程攻击者可通过拦截http会话的传输利用该漏洞捕获cookie。以下版本受到影响:IBM WSRR 6.3.x版本至6.3.0.5版本,7.0.x版本至7.0.
CVSS Information
N/A
Vulnerability Type
N/A