IBM Control Desk 7.6.1 does not set the secure attribute on authorization tokens or session cookies. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
IBM
Control Desk
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev
Page 2 of 2