Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”).
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
HTTPS会话中未设置’Secure’属性的敏感Cookie
Vulnerability Title
Siemens SINEC Traffic Analyzer 安全漏洞
Vulnerability Description
Siemens SINEC Traffic Analyzer是德国西门子(Siemens)公司的一款网络流量分析工具。 Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) V1.2版本存在安全漏洞,该漏洞源于受影响的 Web 服务器在成功登录后会在浏览器上设置会话 cookie,而不应用任何安全属性。
CVSS Information
N/A
Vulnerability Type
N/A