High severity 7.5 · NVD Advisory · Published Apr 20, 2017 · Updated May 13, 2026
CVE-2016-5409
Description
Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.
Patches
No patches discovered yet.
References
- bugzilla.redhat.com/show_bug.cgi (nvd, Issue Tracking)
- www.securityfocus.com/bid/97988 (nvd)