← Back to CVE List

CVE-2018-1804

Published: 2018-12-13T16:29Z
Last Modified: 2024-11-21T04:00Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 149703. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt