Security Advisory

CVE-2024-30142

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-07 08:58:42

Last updated 2024-11-07 14:28:08

Assigner HCL

State PUBLISHED

Description

HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.

← Browse all CVEs View on cve.org ↗