CVE-2020-29024

Medium

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an…

Secomea·CWE-614·Published 2021-02-16

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

248 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3.

NVDen

248 chars

NVDes

290 chars

Una Vulnerabilidad de Cookie Confidencial en la sesión HTTPS sin el Atributo "Secure" en (GTA) GoToAppliance de Secomea GateManager, podría permitir a un atacante conseguir acceso a cookies confidenciales. Este problema afecta: Secomea GateManager todas las versiones anteriores a 9.3

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N