CVE-2015-3207

CVE-2015-3207

EPSS 0.6%CWE-614

In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.

Affected products

n/a · Openshift Origin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.redhat.com/show_bug.cgi?id=1221882 https://github.com/openshift/origin/pull/2261 https://github.com/openshift/origin/pull/2291