Security Advisory

CVE-2020-14248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-16 14:11:34

Last updated 2024-08-04 12:39:36

Assigner HCL

State PUBLISHED

Description

BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

← Browse all CVEs View on cve.org ↗