Description
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2640 Vulnerability (CVE-2018-2640)
WordPress Plugin Discount Rules for WooCommerce Multiple Vulnerabilities (2.0.2)
WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.51)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)
Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)