The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Link | Tags |
---|---|
http://www.securityfocus.com/bid/79685 | vdb entry |
http://www-01.ibm.com/support/docview.wss?uid=swg21972676 | vendor advisory |