CVE-2020-14248

Published: 2020-12-16T15:15Z

Last Modified: 2024-11-21T05:02Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt