1. Home
  2. CVE Database
  3. CVE-2015-7410
HIGH · 7.4

CVE-2015-7410

The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or m...

Vulnerability Description

The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.

CVSS Score

7.4

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
IbmSterling B2B Integrator5.2

Related Weaknesses (CWE)

CWE-17

References

FAQ

What is CVE-2015-7410?

CVE-2015-7410 is a vulnerability with a CVSS score of 7.4 (HIGH). The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or m...

How severe is CVE-2015-7410?

CVE-2015-7410 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7410?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling B2B Integrator.