IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
https://www.ibm.com/support/pages/node/1096384
https://exchange.xforce.ibmcloud.com/vulnerabilities/161210
Source: Mitre, NVD
Published: 2019-10-29
Updated: 2022-12-13
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: Medium
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N