CVE-2015-3207

2022-07-0712:25:43

CWE-614

redhat

www.cve.org

0.001 Low

EPSS

Percentile

30.9%

JSON

In Openshift Origin 3 the cookies being set in console have no ‘secure’, ‘HttpOnly’ attributes.

CNA Affected

[
  {
    "product": "Openshift Origin",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Openshift Origin 3"
      }
    ]
  }
]

References

bugzilla.redhat.com/show_bug.cgi?id=1221882

github.com/openshift/origin/pull/2261

github.com/openshift/origin/pull/2291

0.001 Low

EPSS

Percentile

30.9%

JSON

Related for CVELIST:CVE-2015-3207