← volver
CVE-2017-1142

CVE-2017-1142

EPSS 1.2%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.2%KEV nãoPoC Patch
Ciclo de vida
27 mar 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM Reference #: 1998874.
Productos afectados
IBM Corporation · Kenexa LCMS Premier on Cloud

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://www.ibm.com/support/docview.wss?uid=swg21998874http://www.securityfocus.com/bid/97081