VYPR
Unrated severityNVD Advisory· Published Nov 7, 2024· Updated Nov 7, 2024

HCL BigFix Compliance is affected by a missing secure flag on a cookie

CVE-2024-30142

Description

HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.