Medium Severity

Security Bulletin: Information disclosure in WebSphere Application Server Liberty bundled with IBM Operations Analytics – Log Analysis (CVE-2019-4305)

Share this post:

Cookie created without secure flag in WAS Liberty

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Log Analysis 1.3.1
Log Analysis 1.3.2
Log Analysis 1.3.3
Log Analysis 1.3.4
Log Analysis 1.3.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/2485545

More stories

Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2019-2989)

Feb 17, 2020 7:00 pm EST | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 and Version 7 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVE. ...read more


Security Bulletin: Bypass security restrictions in WebSphere Application Server Liberty affect IBM Operations Analytics – Log Analysis (CVE-2019-4304)

Feb 17, 2020 7:00 pm EST | Medium Severity

Inadequate session invalidation allow bypass security restrictions in WebSphere Application Server Liberty ...read more