← back
CVE-2020-4780

CVE-2020-4780

CVSS 4.3 MEDIUMEPSS 1.0%
OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10. The purpose of the 'secure' attribute is to prevent cookies from being observed by unauthorized parties. IBM X-Force ID: 189158.
CVSS:3.0/PR:N/AV:N/A:N/I:N/AC:L/S:U/UI:R/C:L/RC:C/RL:O/E:U
Affected products
IBM · Curam SPM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/189158https://www.ibm.com/support/pages/node/6346581