Missing or Insecure SameSite Attribute in IBM Security Guardium 11.5 Could Lead to Sensitive Information Disclosure

Missing or Insecure SameSite Attribute in IBM Security Guardium 11.5 Could Lead to Sensitive Information Disclosure

CVE-2022-43906 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.

Learn more about our Web Application Penetration Testing UK.