Information disclosure in Ibm Websphere_extreme_scale

CVE-2015-2025

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transm…

Vulnerability class: Information Disclosure

EPSS: 0.012 (65.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References