CVE-2019-17104

CVE-2019-17104

EPSS 1.9%

In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/centreon/centreon/issues/7097 https://www.openwall.com/lists/oss-security/2019/10/08/1 http://www.openwall.com/lists/oss-security/2019/10/09/2