Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0462


Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0462
Last Modified 20 Oct 2005 12:00:00
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.

Vulnerable Systems


CERT-VN - VU#546483

XF - network-device-secure-plaintext(17702)

Last Updated: 27 May 2016 10:38:36