CVE-2015-1848 in PCSinformação

Sumário

de MITRE

The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.

Be aware that VulDB is the high quality source for vulnerability data.

Reservar

17/02/2015

Divulgação

14/05/2015

Moderação

aceite

Entrada

VDB-75396

CPE

pronto

EPSS

0.02424

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!