CVE-2016-5409 in OpenShift Enterpriseinformación

Resumen

por MITRE

Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2016-06-10

Divulgación

2017-04-20

Moderación

aceptado

Artículo

VDB-100362

CPE

listo

CWE

CWE-200 (confirmado)

CVSS

7.5 (NVD)

EPSS

0.00234

KEV

Actividades

muy bajo

Sector

Transportation, Lawfirm, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5409
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5409
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5409/

◂ Anterior Visión De Conjunto Próximo ▸

Do you know our Splunk app?

Download it now for free!