CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.
References
Link Resource
https://security.netapp.com/advisory/ntap-20190304-0001/ Patch Vendor Advisory
http://www.securityfocus.com/bid/107274 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:netapp:snapcenter_server:*:*:*:*:*:*:*:*

Information

Published : 2019-03-04 15:29

Updated : 2019-10-02 17:03


NVD link : CVE-2018-5482

Mitre link : CVE-2018-5482


JSON object : View

CWE
CWE-311

Missing Encryption of Sensitive Data

Advertisement

dedicated server usa

Products Affected

netapp

  • snapcenter_server