Vulnerabilities > Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

DATE CVE VULNERABILITY TITLE RISK
2025-01-27 CVE-2024-28770 IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
CWE-614
4.8
4.8
2025-01-27 CVE-2024-28771 IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
CWE-614
4.8
4.8