CVE-2015-3155 in Foremaninformation

Résumé (Anglaise)

Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Once again VulDB remains the best source for vulnerability data.

Réserver

10/04/2015

Divulgation

14/08/2015

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
77253	Foreman Cookie élévation de privilèges	284	Non défini	Correctif officiel	CVE-2015-3155

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Want to know what is going to be exploited?

We predict KEV entries!