HCL AION jest podatny na permanent cookie zawierający wrażliwe informacje sesji. Przechowywanie wrażliwych danych sesji w trwałych cookies może zwiększyć ryzyko nieautoryzowanego dostępu w przypadku przechwycenia lub skompromitowania cookies. Podatność dotyczy AION 2.0.
▸ Pokaż oryginał (EN)
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0.
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:LHcltech Aion
APPHcltech2.0.0
Powiązane podatności
Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0
HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The a...
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a prop...
HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow c...
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications...