CVE-2021-27764

Summary

Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI)

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix WebUI9.0, 10.0affected

Weaknesses

  • CWE-614: CWE-614 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

ADP Enrichment

CVE Program Container

Additional References

References