PT-2022-11291 · Connx · Connx
L00Neyhacker
·
Published
2022-06-14
·
Updated
2022-06-22
·
CVE-2021-40650
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Connx version 6.2.0.1269
Description
The issue arises when the application issues a cookie without setting the secure flag.
Recommendations
For Connx version 6.2.0.1269, ensure that all cookies issued by the application have the secure flag set to mitigate the risk.
Exploit
Fix
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Connx