Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL AION is susceptible to Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability
Vulnerability Description
A Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability in HCL AION.This issue affects AION: 2.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
HTTPS会话中未设置’Secure’属性的敏感Cookie
Vulnerability Title
HCL AION 安全漏洞
Vulnerability Description
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION 2.0版本存在安全漏洞,该漏洞源于加密会话SSL Cookie缺少安全属性。
CVSS Information
N/A
Vulnerability Type
N/A