CVE-2004-0462 : The built-in web servers for multiple networking devices do not set the Secure a

The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.

Published 2004-12-31 05:00:00

Updated 2017-07-11 01:30:11

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2004-0462

We don't have affected product information for this CVE yet

Exploit prediction scoring system (EPSS) score for CVE-2004-0462

EPSS FAQ

0.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-0462

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2004-0462

http://www.kb.cert.org/vuls/id/546483

Third Party Advisory;US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/17702

Jump to

Vulnerability Details : CVE-2004-0462

Products affected by CVE-2004-0462

Exploit prediction scoring system (EPSS) score for CVE-2004-0462

CVSS scores for CVE-2004-0462

References for CVE-2004-0462