SecBoard
Zurück zur CVE-Übersicht

CVE-2024-44575

LOW(3.7)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Risk Signal Score9/100 — NIEDRIG

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

3.7

Technische Schwere

Beschreibung

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

Referenzen