Register
Login
Toggle navigation
more
SaaS Solutions
Vulnerability Intelligence
Vulnerability Management
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Description
The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session.
Latest vulnerabilities for CWE-614
Dell CloudBoost Virtual Appliance update for third-party components
2025-05-22
Medium
Yes
Public exploit
Sensitive cookie in HTTPS session without 'secure' attribute in IBM Concert Software
2025-05-08
Medium
Yes
Sensitive cookie in HTTPS session without 'secure' attribute in IBM Aspera Faspex
2025-03-28
Medium
Yes
Multiple vulnerabilities in Dell RecoverPoint for Virtual Machines
2025-01-16
Critical
Yes
Public exploit
Multiple vulnerabilities in IBM Control Center
2024-11-08
Medium
Yes
Public exploit
Multiple vulnerabilities in Intel RAID Web Console software
2024-10-03
Medium
No
HP-UX update for Tomcat
2024-09-16
High
Yes
Public exploit
Multiple vulnerabilities in Siemens SINEC Traffic Analyzer
2024-06-12
Medium
Yes
Multiple vulnerabilities in IBM Storage Copy Data Management
2024-03-25
Medium
Yes
Multiple vulnerabilities in IBM Secure Proxy
2024-03-22
Critical
Yes
Public exploit
References
Description of CWE-614 on Mitre website