CVE-2019-4330
MEDIUMIBM Security Guardium Big Data Intelligence - Info Disclosure
Title source: llmDescription
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/1096384
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/161210
Scores
CVSS v3
4.3
EPSS
0.0112
EPSS Percentile
61.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-565
Status
published
Products (1)
ibm/security_guardium_big_data_intelligence
4.0
Published
Oct 29, 2019
Tracked Since
Feb 18, 2026