A vulnerability has been identified in SINEC Traffic...
High severity
Unreviewed
Published
Jun 11, 2024
to the GitHub Advisory Database
•
Updated Nov 18, 2024
Description
Published by the National Vulnerability Database
Jun 11, 2024
Published to the GitHub Advisory Database
Jun 11, 2024
Last updated
Nov 18, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”).
References