CVE-2024-2493

Name of the Vulnerable Software and Affected Versions Hitachi Ops Center Analyzer versions 10.0.0-00 through 11.0.1-00

Description The issue is related to the absence of the Secure flag in HTTPS session cookies, which can be exploited by a remote attacker to gain unauthorized access to protected information by intercepting HTTPS session cookies. This can lead to session hijacking.

Recommendations For versions 10.0.0-00 through 11.0.1-00, update to a version 11.0.1-00 or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to protect against session hijacking, such as restricting access to sensitive information and monitoring for suspicious activity.