Sensitive Cookie in HTTPS Session Without Secure Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3.
The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gatemanager_4250_firmware | Secomea | * | * |