NVD

Id
83688  
Name
CVE-2017-1142  
Description
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM Reference #: 1998874.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-04-27  
Published
2017-03-27  
Modified Date
2017-03-31  
Seq
2017-1142  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66409 JVNDB-2017-002747 IBM Kenexa LCMS Premier on Cloud における情報漏えいに関する脆弱性 IBM Kenexa LCMS Premier on Cloud には、情報漏えいに関する脆弱性が存在します。 CVE-2017-1142 0 CVE-2017-1142 83688 4 6.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002747.html 2017-03-23 2017-04-27 View