CVE-2024-30142
CVSS V2 None
CVSS V3 None
Description
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.
Overview
- CVE ID
- CVE-2024-30142
- Assigner
- HCL
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-07T08:58:42.811Z
- Last Modified Date
- 2024-11-07T14:28:08.789Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0117197 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-30142 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30142 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-08 13:26:55 | Added to TrackCVE |