CVE Published: 19/07/2023 |
CVE Updated: 21/10/2024 |
CVE Year: 2023 Source: ibm |
Vendor: IBM |
Product: Sterling Connect:Express for UNIX Status : PUBLISHED
CVE-2023-29259 Description
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055.
Metrics
CVSS Version: 3.1 |
Base Score: 3.7 LOW Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N