CVE-2024-44575

LOW Year: 2024
CVSS v3 Score
3.7
Low
Weakness Type
CWE-732
View all →

Vulnerability Description

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

Related Vulnerabilities

CVE-2018-1315

LOW
CVSS:3.7(Low)

In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on th...

CWE-7322018

CVE-2021-20355

LOW
CVSS:3.7(Low)

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploi...

CWE-7322021

CVE-2021-20416

LOW
CVSS:3.7(Low)

IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit th...

CWE-7322021

CVE-2021-20526

LOW
CVSS:3.7(Low)

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain s...

CWE-7322021

CVE-2021-38879

LOW
CVSS:3.7(Low)

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploi...

CWE-7322021

CVE-2022-22330

LOW
CVSS:3.7(Low)

IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensi...

CWE-7322022