Lucene search
HistoryJan 10, 2011 - 8:00 p.m.
CVE-2011-0400
piwik
cookie.php
cve-2011-0400
session cookie
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%
Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Affected configurations
Node
matomomatomoRange≤1.0
ORmatomomatomoMatch0.1
ORmatomomatomoMatch0.1.1
ORmatomomatomoMatch0.1.2
ORmatomomatomoMatch0.1.3
ORmatomomatomoMatch0.1.4
ORmatomomatomoMatch0.1.5
ORmatomomatomoMatch0.1.6
ORmatomomatomoMatch0.1.7
ORmatomomatomoMatch0.1.8
ORmatomomatomoMatch0.1.9
ORmatomomatomoMatch0.1.10
ORmatomomatomoMatch0.2.1
ORmatomomatomoMatch0.2.2
ORmatomomatomoMatch0.2.3
ORmatomomatomoMatch0.2.4
ORmatomomatomoMatch0.2.5
ORmatomomatomoMatch0.2.6
ORmatomomatomoMatch0.2.7
ORmatomomatomoMatch0.2.8
ORmatomomatomoMatch0.2.9
ORmatomomatomoMatch0.2.10
ORmatomomatomoMatch0.2.11
ORmatomomatomoMatch0.2.12
ORmatomomatomoMatch0.2.13
ORmatomomatomoMatch0.2.14
ORmatomomatomoMatch0.2.16
ORmatomomatomoMatch0.2.17
ORmatomomatomoMatch0.2.18
ORmatomomatomoMatch0.2.19
ORmatomomatomoMatch0.2.20
ORmatomomatomoMatch0.2.22
ORmatomomatomoMatch0.2.23
ORmatomomatomoMatch0.2.24
ORmatomomatomoMatch0.2.25
ORmatomomatomoMatch0.2.26
ORmatomomatomoMatch0.2.27
ORmatomomatomoMatch0.2.28
ORmatomomatomoMatch0.2.29
ORmatomomatomoMatch0.2.30
ORmatomomatomoMatch0.2.31
ORmatomomatomoMatch0.2.32
ORmatomomatomoMatch0.2.33
ORmatomomatomoMatch0.2.34
ORmatomomatomoMatch0.4rc1
ORmatomomatomoMatch0.4rc2
ORmatomomatomoMatch0.4rc3
ORmatomomatomoMatch0.4.1rc1
ORmatomomatomoMatch0.4.4
ORmatomomatomoMatch0.4.5
ORmatomomatomoMatch0.5
ORmatomomatomoMatch0.5.1
ORmatomomatomoMatch0.5.2
ORmatomomatomoMatch0.5.3
ORmatomomatomoMatch0.5.4
ORmatomomatomoMatch0.5.5
ORmatomomatomoMatch0.6
ORmatomomatomoMatch0.6.1
ORmatomomatomoMatch0.6.2
ORmatomomatomoMatch0.6.3
ORmatomomatomoMatch0.6.3rc1
ORmatomomatomoMatch0.6.3rc2
ORmatomomatomoMatch0.6.4
ORmatomomatomoMatch0.7
ORmatomomatomoMatch0.8
ORmatomomatomoMatch0.9
ORmatomomatomoMatch0.9.9
Related
prion
prion
Session fixation
2011-01-10 20:00:00
nvd
nvd
CVE-2011-0400
2011-01-10 20:00:17
cvelist
cvelist
CVE-2011-0400
2011-01-10 19:18:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%
Related for CVE-2011-0400