Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-3661

Опубликовано: 12 авг. 2008
Источник: redhat
EPSS Низкий

Описание

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Дополнительная информация

Статус:

Low

EPSS

Процентиль: 82%
0.01722
Низкий

Связанные уязвимости

ubuntu
почти 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

nvd
почти 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

debian
почти 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the se ...

github
больше 3 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

EPSS

Процентиль: 82%
0.01722
Низкий