CVE-2019-4330
CVE-2019-4330
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.1EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
28 Oct 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
CVSS:3.0/PR:N/I:N/AC:H/S:U/A:N/AV:N/C:L/UI:R/RL:O/RC:C/E:U
Affected products
IBM · Security Guardium Big Data IntelligenceWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →