Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-9634

Опубликовано: 12 сент. 2017
Источник: debian

Описание

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jenkinsfixed1.565.3-3package

Связанные уязвимости

ubuntu логотип

CVE-2014-9634

CVSS3: 5.3
ubuntu
больше 8 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

redhat логотип

CVE-2014-9634

redhat
около 11 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

nvd логотип

CVE-2014-9634

CVSS3: 5.3
nvd
больше 8 лет назад

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

github логотип

GHSA-g7cf-wg27-qw87

CVSS3: 5.3
github
больше 3 лет назад

Jenkins secure flag not set on session cookies