CVE-2015-0102
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-0102
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM Workflow for Bluemix 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM Bluemix是美国IBM公司的一套开放标准,也是一套用于建设、运行和管理应用程序和服务的云平台。IBM Workflow for Bluemix是用于IBM Bluemix平台中的一个工作流服务。 IBM Workflow for Bluemix中存在授权问题漏洞,该漏洞源于程序未对会话cookies设置secure标识。远程攻击者可通过拦截在http会话中的传输利用该漏洞捕获cookie。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM | Workflow for Bluemix | unknown | - |
II. Public POCs for CVE-2015-0102
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-0102
Please Login to view more intelligence information
- http://www.securityfocus.com/bid/74220x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2015-0102
Same Patch Batch · IBM · 2020-02-05 · 5 CVEs total
| CVE-2019-4613 | IBM Planning Analytics 跨站请求伪造漏洞 | |
| CVE-2019-4616 | IBM Cloud Automation Manager 信息泄露漏洞 | |
| CVE-2019-4670 | IBM WebSphere Application Server 信息泄露漏洞 | |
| CVE-2013-0507 | IBM InfoSphere Information Server 授权问题漏洞 |
IV. Related Vulnerabilities
Same vendor: IBM
- CVE-2026-1577
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-36122
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-14688
IBM® Db2® is vulnerable to a denial of service when fetching - CVE-2026-2311
IBM i is affected by a privilege escalation vulnerability in - CVE-2025-36180
Inadequate Pod Communication Restrictions, affects watsonx.d
V. Comments for CVE-2015-0102
No comments yet