CVE-2016-5409 in OpenShift Enterprise信息

摘要

由 MITRE

Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

预定

2016-06-10

披露

2017-04-20

管理

已接受

条目

VDB-100362

CPE

准备好

CWE

CWE-200 (已确认)

CVSS

7.5 (NVD)

EPSS

0.00234

KEV

否

活动

非常低

部门

Telecommunication, Education, ...

来源

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5409
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5409
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5409/

◂ 上一步一览下一步 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!