Lucene search
IbmCVELIST:CVE-2017-1142HistoryMar 27, 2017 - 10:00 p.m.
CVE-2017-1142
2017-03-2722:00:00
ibm
www.cve.org
4
EPSS
0.001
Percentile
41.6%
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM Reference #: 1998874.
CNA Affected
[
{
"product": "Kenexa LCMS Premier on Cloud",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.1"
},
{
"status": "affected",
"version": "9.2"
},
{
"status": "affected",
"version": "9.2.1"
},
{
"status": "affected",
"version": "9.3.0"
},
{
"status": "affected",
"version": "9.4.0"
},
{
"status": "affected",
"version": "9.5.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.2.0"
},
{
"status": "affected",
"version": "10.3.0"
}
]
}
]Related
prion
prion
Information disclosure
2017-03-27 22:59:00
cve
cve
CVE-2017-1142
2017-03-27 22:59:00
nvd
nvd
CVE-2017-1142
2017-03-27 22:59:00
