IBM Control Desk 7.6.1 HTTPOnly Flag Missing: Remote Info Leak
CVE-2022-22330 Published on September 13, 2022
IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126.
Affected Versions
IBM Control Desk Version 7.6.1 is affected by CVE-2022-22330
Exploit Probability
EPSS: 0.13%
Percentile: 32.97%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.