|Category:||SSL and TLS|
|Title:||SSL/TLS: Missing `secure` Cookie Attribute|
|Summary:||The host is running a server with SSL/TLS and is prone to information; disclosure vulnerability.|
The host is running a server with SSL/TLS and is prone to information
The flaw is due to cookie is not using 'secure' attribute, which
allows cookie to be passed to the server by the client over non-secure channels (http) and allows attacker
to conduct session hijacking attacks.
Server with SSL/TLS.
Set the 'secure' attribute for any cookies that are sent over a SSL/TLS connection.
|Copyright||Copyright (C) 2012 SecPod|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.