What is CVE-2018-1484?

CVE-2018-1484 is a low-severity vulnerability in Ibm Bigfix Platform. CVSS score: 3.7/10. Published 2018-12-12.

How severe is CVE-2018-1484?

Low severity. CVSS v3 base score is 3.7 out of 10.

Vulnerability in Ibm Bigfix Platform

CVE-2018-1484

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting…

EPSS: 0.001 (33.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.0/A:N/AC:H/AV:N/C:L/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O.

Affected products

Ibm Bigfix Platform — versions 9.2.14, 9.5.9, 9.5.0

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-bigfix-cve20181484-info-disc(140969) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2018-1484?: CVE-2018-1484 is a low-severity vulnerability in Ibm Bigfix Platform. CVSS score: 3.7/10. Published 2018-12-12.
How severe is CVE-2018-1484?: Low severity. CVSS v3 base score is 3.7 out of 10.