CVE-2017-1142 in Kenexa LCMS Premier on Cloud
Summary
by MITRE
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM Reference #: 1998874.
Analysis
by VulDB Data Team • 08/23/2020
This vulnerability exists in IBM Kenexa LCMS Premier on Cloud versions 9.x and 10.0 where the application fails to properly configure session cookies when operating in SSL mode. The specific technical flaw involves the absence of the secure flag in session cookie settings, which represents a critical weakness in web application security architecture. According to CWE-614, this constitutes a weakness in cookie security configuration where sensitive session data is transmitted without proper protection mechanisms. The vulnerability creates an attack surface that directly violates fundamental web security principles and can be classified under the ATT&CK technique T1566 for credential access through network sniffing and interception.
The operational impact of this vulnerability is significant as it allows remote attackers to capture session cookies during HTTP transmission, effectively enabling session hijacking attacks. When the secure flag is not set on session cookies, the cookies can be transmitted over both HTTP and HTTPS connections, making them susceptible to interception in man-in-the-middle scenarios. An attacker can exploit this by positioning themselves in the network path between the client and server to capture the cookie during transmission, then use this captured session information to impersonate legitimate users and gain unauthorized access to sensitive data and application functionality. This vulnerability directly enables privilege escalation and data exfiltration attacks.
The mitigation strategy for this vulnerability involves implementing proper cookie security configurations where the secure flag must be explicitly set to true for all session cookies transmitted over SSL connections. Organizations should ensure that their web applications properly configure cookies with both the secure and HttpOnly flags to prevent session hijacking and cross-site scripting attacks. IBM has addressed this issue through patch updates that enforce proper cookie security settings. Network administrators should also implement additional monitoring and detection capabilities to identify unusual cookie transmission patterns and unauthorized access attempts. The fix aligns with security best practices outlined in the OWASP Top Ten and NIST Cybersecurity Framework, specifically addressing the protection of sensitive data in transit and authentication mechanisms.
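The check described in the mitigation above can be automated against `Set-Cookie` headers collected from HTTPS responses. The following is an added example, not code from IBM or VulDB; the cookie names and values are constructed for illustration and are not taken from the product. It parses attributes instead of searching for the substring "secure", so a value such as `Comment=not-secure` does not mask a missing flag.

```python
"""Audit Set-Cookie headers seen on HTTPS responses for missing Secure/HttpOnly (CWE-614)."""

REQUIRED = ("secure", "httponly")
CANONICAL = {"secure": "Secure", "httponly": "HttpOnly"}

# Constructed sample headers; names and values are illustrative, not from the product.
SAMPLE_HEADERS = [
    "JSESSIONID=0000abcDEF; Path=/",
    "JSESSIONID=0000abcDEF; Path=/; Secure; HttpOnly",
    "lang=en; Path=/; secure",
    "SESSION=xyz; Path=/; Comment=not-secure; HTTPONLY",
]


def parse_set_cookie(header):
    """Return (name, attrs); attrs maps lower-cased attribute names to their values."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        if key.strip():
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def missing_flags(header):
    """List the required flags that are absent from one Set-Cookie header value."""
    _, attrs = parse_set_cookie(header)
    return [flag for flag in REQUIRED if flag not in attrs]


def harden(header):
    """Return the header with any missing Secure/HttpOnly attribute appended."""
    extra = [CANONICAL[f] for f in missing_flags(header)]
    return "; ".join([header.rstrip("; ")] + extra)


def audit(headers):
    """Map cookie name -> missing flags, keeping only cookies that fail the check."""
    results = ((parse_set_cookie(h)[0], missing_flags(h)) for h in headers)
    return {name: gaps for name, gaps in results if gaps}


if __name__ == "__main__":
    for name, gaps in audit(SAMPLE_HEADERS).items():
        print(f"{name}: missing {', '.join(gaps)}")
```

`harden` shows the corrected header a response filter or reverse proxy would emit; the durable fix remains setting the flags in the application's session configuration.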