CVE-2015-1848 in PCSinformation

Résumé

par MITRE

The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

17/02/2015

Divulgation

14/05/2015

Modérer

accepté

Entrée

VDB-75396

CPE

prêt

EPSS

0.02424

KEV

non

Activités

très faible

Sources

Want to know what is going to be exploited?

We predict KEV entries!