CVE-2018-5482

Summary

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.

Affected Software

VendorProductVersion RangeStatus
NetAppSnapCenter ServerVersions prior to 4.1affected

Weaknesses

  • Secure cookie

ADP Enrichment

CVE Program Container

Additional References

References