2015-01-08, 07:35 PM
Classification
Information
Resource
/
Risk
High
DISCUSSION
Vega has detected that a known session cookie may have been set without the secure flag.
IMPACT
Cookies can be exposed to network eavesdroppers.
Session cookies are authentication credentials; attackers who obtain them can get unauthorized access to affected web applications.
REMEDIATION
When creating the cookie in the code, set the secure flag to true.
How i fix this?
Information
Resource
/
Risk
High
DISCUSSION
Vega has detected that a known session cookie may have been set without the secure flag.
IMPACT
Cookies can be exposed to network eavesdroppers.
Session cookies are authentication credentials; attackers who obtain them can get unauthorized access to affected web applications.
REMEDIATION
When creating the cookie in the code, set the secure flag to true.
How i fix this?