IBM Sterling Secure Proxy Configuration Manager may, in some circumstances, not set the Secure attribute when it creates a session or sensitive cookies. The secure attribute is used to ensure that cookies (with the attribute set) can only be sent in an encrypted channel to reduce the likelihood of eavesdropping attacks.