Skip to main content

Insecurely generated cookies - Secure

Description

The system does not set the Secure attribute for sensitive cookies, which could cause them to be sent through an insecure channel.

Impact

Obtain sensitive information by performing a MiTM attack.

Recommendation

The application must set the Secure attribute in the cookies with sensitive information.

Threat

Unauthorized attacker from adjacent network performing a MitM.

Expected Remediation Time

⌚ 30 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

  • Attack vector: A
  • Attack complexity: H
  • Privileges required: N
  • User interaction: R
  • Scope: U
  • Confidentiality: L
  • Integrity: N
  • Availability: N

Temporal

  • Exploit code madurity: P
  • Remediation level: X
  • Report confidence: X

Result

  • Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:X/RC:X
  • Score:
    • Base: 2.6
    • Temporal: 2.5
  • Severity:
    • Base: Low
    • Temporal: Low

Code Examples

Compliant code

The Set-Cookie is correctly configure using a secure channel

HTTP/1.1 200 OK
Content-Type: userID/html; charset=utf-8
Set-Cookie: session=/currentSession; Path=/mypath; secure = true
Server: Werkzeug/2.0.1 Python/3.8.9
Date: Tue, 01 Feb 2022 20:29:25 GMT

Non compliant code

The http headers do not correctly define the Set-Cookie field

HTTP/1.1 200 OK
Content-Type: userID/html; charset=utf-8
Set-Cookie: session=/; Path=/; secure = false
Server: Werkzeug/2.0.1 Python/3.8.9
Date: Tue, 01 Feb 2022 20:29:25 GMT

Requirements