Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-9634

Опубликовано: 12 сент. 2017
Источник: debian
EPSS Низкий

Описание

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jenkinsfixed1.565.3-3package

EPSS

Процентиль: 51%
0.00282
Низкий

Связанные уязвимости

CVSS3: 5.3
ubuntu
почти 8 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

redhat
больше 10 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

CVSS3: 5.3
nvd
почти 8 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

CVSS3: 5.3
github
около 3 лет назад

Jenkins secure flag not set on session cookies

EPSS

Процентиль: 51%
0.00282
Низкий