Vulnerabilities > IBM > Cloud Automation Manager > 3.2.1.0

DATE CVE VULNERABILITY TITLE RISK
2020-03-16 CVE-2019-4617 Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0
IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability.
local
low complexity
ibm CWE-384
4.4
4.4
2020-02-05 CVE-2019-4616 Missing Encryption of Sensitive Data vulnerability in IBM Cloud Automation Manager 3.2.1.0
IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies.
low complexity
ibm CWE-311
3.5
3.5