CVE-2021-38977

LOW Year: 2021
CVSS v3 Score
3.1
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-311
View all →

Vulnerability Description

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 212782.

Related Vulnerabilities

CVE-2018-8864

LOW
CVSS:3.1(Low)

In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio tran...

CWE-3112018

CVE-2020-2249

LOW
CVSS:3.3(Low)

Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access...

CWE-3112020

CVE-2023-33833

LOW
CVSS:3.3(Low)

IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013.

CWE-3112023

CVE-2020-4591

LOW
CVSS:2.9(Low)

IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted co...

CWE-3112020

CVE-2019-13922

LOW
CVSS:2.7(Low)

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The secu...

CWE-3112019

CVE-2019-4171

LOW
CVSS:3.7(Low)

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information usin...

CWE-3112019