← back
CVE-2019-4330

CVE-2019-4330

CVSS 3.1 LOWEPSS 1.1%
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.1EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 Oct 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
CVSS:3.0/PR:N/I:N/AC:H/S:U/A:N/AV:N/C:L/UI:R/RL:O/RC:C/E:U

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →