CNNVD-202509-1197 Information
CNNVD ID
CNNVD-202509-1197
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
IBM Jazz for Service Management是美国国际商业机器(IBM)公司的一款提供对服务管理环境可见性的集成服务管理产品。 IBM Jazz for Service Management 1.1.3.0至1.1.3.24版本存在安全漏洞,该漏洞源于授权令牌和会话cookie未设置安全属性,可能导致cookie泄露。
Description (English)
IBM Jazz for Service Management is an integrated service management product provided by the United States International Business Machinery (IBM) company that provides visibility to the service management environment. IBM Jazz for Service Management 1.1.3.0 to 1.1.3.24 contains a security loophole, which stems from the absence of security attributes for authorized tokens and session cookies, which could lead to cookies leaking.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-09-09
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7244357 https://access.redhat.com/security/cve/cve-2025-36011
Patch
https://www.ibm.com/support/pages/node/7244357
Share on: