Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM BigFix Inventory 代码问题漏洞
Vulnerability Description
IBM BigFix Inventory是美国IBM公司的一套用于软件控制和安全风险缓解的解决方案。 IBM BigFix Inventory v10.0.2 之前版本存在安全漏洞,该漏洞源于没有为https会话中的会话cookie设置安全标志,这可能会导致cookie以http请求的形式发送,从而使远程攻击者可利用该漏洞更容易捕获该cookie。
CVSS Information
N/A
Vulnerability Type
N/A