Insecure Transmission of Sensitive Cookie in NetApp SnapCenter Server

Insecure Transmission of Sensitive Cookie in NetApp SnapCenter Server

CVE-2018-5482 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.

Learn more about our Cis Benchmark Audit For Server Software.