Vulnerability CVE-2022-38386
Published: 2024-05-01

Description:
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite for Software 1.10.12.0 through 1.10.19.0 does not set the SameSite attribute for sensitive cookies which could allow an attacker to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 233778.

Type:

CWE-1275

 References:
https://www.ibm.com/support/pages/node/7149811
https://exchange.xforce.ibmcloud.com/vulnerabilities/233778
Copyright 2024, cxsecurity.com

 

Back to Top