CWE-614: CWE-614

CVE-2024-2493 is a session hijacking vulnerability in Hitachi Ops Center Analyzer that allows attackers to steal or manipulate user sessions. This aff...

CVE-2021-27764 is a security misconfiguration vulnerability in HCL Domino WebUI where cookies are set without HTTPOnly flags. This allows attackers to...

A missing Secure attribute in SSL cookies in HCL AION allows attackers to intercept session cookies over unencrypted HTTP connections. This affects HC...

This vulnerability in the MEAC300-FNADE4 device allows session hijacking because cookies lack the Secure attribute. Attackers can intercept PHPSESSID ...

A cookie security configuration vulnerability in Kentico Xperience allows attackers to bypass SSL requirements when setting administration cookies via...

IBM Security QRadar EDR 3.12 fails to set the 'secure' attribute on authorization tokens and session cookies, allowing attackers to potentially steal ...

This vulnerability allows attackers to steal session cookies or authorization tokens from IBM Security Directory Integrator users by intercepting unen...

IBM Jazz for Service Management versions 1.1.3.0 through 1.1.3.24 fail to set the secure attribute on authorization tokens and session cookies, allowi...

IBM Datacap versions 9.1.7-9.1.9 fail to set the Secure attribute on authorization tokens and session cookies, allowing attackers to intercept these c...

IBM PowerHA SystemMirror for i fails to set the secure attribute on authorization tokens and session cookies, allowing attackers to steal these cookie...

IBM Concert 1.0 fails to set the secure attribute on authorization tokens and session cookies, allowing attackers to intercept these cookies when user...