CVE-2021-37189
N/A
N/A
Summary
An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.digi.com/search/results?q=transport
- https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt
References
- https://www.digi.com/search/results?q=transport
- https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.