CVE-2016-5409 in OpenShift Enterpriseالمعلومات

الملخص

بحسب MITRE

Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

10/06/2016

إفشاء

20/04/2017

الاعتدال

تمت الموافقة

إدخال

VDB-100362

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

7.5 (NVD)

EPSS

0.00234

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider, Government, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5409
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5409
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5409/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!