Lucene search
HistoryJul 06, 2023 - 1:15 a.m.
CVE-2023-3520
github sensitive cookie https session secure attribute
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
32.9%
Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.
Affected configurations
Node
it-novumopenitcockpitRange<4.6.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| it-novum | openitcockpit | * | cpe:2.3:a:it-novum:openitcockpit:*:*:*:*:*:*:*:* |
Related
prion
prion
Session fixation
2023-07-06 01:15:00
huntr
huntr
Sensitive Cookie Without Secure Flag
2023-06-14 01:28:49
cvelist
cvelist
osv
osv
CVE-2023-3520
2023-07-06 01:15:08
cve
cve
CVE-2023-3520
2023-07-06 01:15:08
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
32.9%
Related for NVD:CVE-2023-3520