Details
-
Type: Improvement
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: EE-3.3.0.GA_P02, 4.0
-
Fix Version/s: EE-4.0.0.GA, EE-3.3.0.GA_P03, 4.1
-
Component/s: Push Library
-
Labels:None
-
Environment:All
-
Assignee Priority:P1
-
Support Case References:Support Case #13126 - https://icesoft.my.salesforce.com/5007000000rqkNj
Description
A security scan has flagged the ice.push.browser Cookie for noting having a secure and httpOnly attributes.
Summary
--------------------------------------------------------------------------------------------------------------------------
Report Vulnerable - ice.push.browser Cookie has problem(s)
Severity Low
SmartAttack Cookie Vulnerabilities
--------------------------------------------------------------------------------------------------------------------------
Message
--------------------------------------------------------------------------------------------------------------------------
ice.push.browser Cookie has problem(s)
ice.push.browser = hi2xevbo8;
Host = cdm-test.kyisc.us.ams1907.com;
Path = /
1. Cookie does not have secure attribute.
2. Cookie does not have HTTPOnly attribute.
Summary
--------------------------------------------------------------------------------------------------------------------------
Report Vulnerable - ice.push.browser Cookie has problem(s)
Severity Low
SmartAttack Cookie Vulnerabilities
--------------------------------------------------------------------------------------------------------------------------
Message
--------------------------------------------------------------------------------------------------------------------------
ice.push.browser Cookie has problem(s)
ice.push.browser = hi2xevbo8;
Host = cdm-test.kyisc.us.ams1907.com;
Path = /
1. Cookie does not have secure attribute.
2. Cookie does not have HTTPOnly attribute.
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
Arran Mccullough
created issue -
Ken Fyten
made changes -
Field | Original Value | New Value |
---|---|---|
Assignee | Mircea Toma [ mircea.toma ] | |
Fix Version/s | EE-4.0.0.GA [ 11170 ] | |
Fix Version/s | EE-3.3.0.GA_P03 [ 11571 ] | |
Assignee Priority | P1 [ 10010 ] |
Mircea Toma
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Arran Mccullough
made changes -
Resolution | Fixed [ 1 ] | |
Status | Resolved [ 5 ] | Reopened [ 4 ] |
Mircea Toma
made changes -
Status | Reopened [ 4 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Ken Fyten
made changes -
Fix Version/s | 4.1 [ 11570 ] |
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |