Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Operations Analytics-Log Analysis 安全漏洞
Vulnerability Description
IBM Operations Analytics-Log Analysis是美国IBM公司的一套半结构化数据分析解决方案。该产品主要用于应用程序日志分析和问题诊断等。 IBM Operations Analytics-Log Analysis中存在安全漏洞,该漏洞源于程序没有设置cookie中的HttpOnly和Secure属性。攻击者可利用该漏洞拦截传递的信息,获取明文形式的cookie信息。以下产品及版本受到影响:IBM Operations Analytics-Log Analysis 1.3.1版
CVSS Information
N/A
Vulnerability Type
N/A