Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.
References
Link | Resource |
---|---|
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-030-hasplm-cookie-without-httponly-attribute/ | Third Party Advisory |
Configurations
History
14 Sep 2021, 12:18
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-732 |
Information
Published : 2019-06-07 15:29
Updated : 2024-02-04 20:20
NVD link : CVE-2019-8283
Mitre link : CVE-2019-8283
CVE.ORG link : CVE-2019-8283
JSON object : View
Products Affected
gemalto
- sentinel_ldk